Re: [Cooker] Peer to Peer Package Sharing (was Mandrake 9.1 Should be Delayed)

2003-03-07 Thread Andi Payn
On Friday 07 March 2003 05:33, Vincent Meyer, MD wrote:
> On Friday 07 March 2003 05:22 am, Paul Dorman wrote:
> > Andi Payn wrote:
> > >But on the other hand, where does the network come from? If you build a
> > > new p2p network from scratch, you need to get people online.
>
> We're already online!  Just a matter of getting things started.  

Yes, many Mandrake users have a 24/7 connection (or at least a 
many-hours-per-day connection) with lots of bandwidth. But that doesn't mean 
that they'll all be willing to run a p2p server and share that bandwidth.

First, there are potential security issues. Second, some people pay for every 
kilobyte of bandwidth they use--and those who don't still generally want to 
have all the potential bandwidth they're paying for available whenever they 
want it. (You could set up a traffic shaper where everything else has 
priority over the P2P system by default, but that's not exactly trivial.) 
Third, running a server takes CPU and memory. Fourth, you have one more port 
to open up on your firewall. Finally, any time you force people to provide 
resources in exchange for free software, the software is no longer free.

So you'd pretty much have to make the default setting, "Don't run the server," 
then try to convince your users to run it. I'm not saying it would be 
impossibly hard to do this, but you can't count on automatically having a 
huge P2P network running just because there's a huge Mandrake user base.

There's also the fact that most users don't keep 2GB worth of packages (more, 
considering that you want to be able to find downgrades on the network) lying 
around their hard drives--they either keep them on CDs, or they download and 
immediately delete them (through urpmi/rpmdrake, or manually). If you 
searched my system, you'd find the six packages that I put together myself, 
and maybe a few others that are part of the urpmi I'm in the middle of. If 
you're really lucky, one of the rc2 CDs would be in my drive. I might be 
willing to host the whole distro for the good of the network (what's 2GB out 
of the 12 or so drives lying around different systems in my house?), but it 
certainly isn't anything that I'm already doing--and I think the same is true 
of most other users.

Having a few high-bandwidth major mirror servers on the P2P network would make 
a huge difference, so the most important step is probably finding sites to 
host such mirrors. Would stealth.net, mirrors.org, etc. be willing to do 
this? I guess the only way to find out is to ask them. Trying to get users 
to contribute their own bandwidth, storage, and other resources (whether 
through community spirit, discounts on Club membership, or whatever) could be 
a long-term goal, but I don't think it'd be enough to get the system started.

> MandrakeSoft should provide the top level server, which could then be used
> to authenticate packages and such, too.

A real P2P network doesn't have a "top level server," but you're on the right 
track--they can provide a simple webserver that just provides the SHA URIs 
(in fact, they could be custom-protocol URLs, and Mandrake could configure 
the web browsers to send that protocol to the P2P upgrade program).

> An advantage of this kind of network is that MAYBE a big hard disk isn't
> required anymore.  I have a dual boot laptop, and the two partitions I have
> are both over 95% full.  Can only go so big on the drives that will fit in
> this machine!  With a P2P, could search for the roll-back package, and with
> enough users out there probably find it.

Except that if you keep fewer packages around because they'll be all over the 
network, so will everyone else, so those packages actually won't be all over 
the network.

> > The categorisation thing is a hard problem I think. What relevance is
> > there *really* in choosing a KDE workstation or a GNOME workstation?

If I use KDE, I want to be able to upgrade all of the "KDE Workstation" 
packages that I installed in one fell swoop. If the categories have any 
useful reason to exist in the installer, I don't see why they shouldn't exist 
in the upgrader.

> > >Maybe something like Microsoft's "restore points" in XP, but done right,
> > > would be useful as well... 
> > > ... Unfortunately, I think it would be even harder to get this
> > > right under linux than under XP.
> >
> > But I disagree that it
> > would be harder to do it under Linux than under XP. We have openness,
> > community, and package management systems!

Yes, but they have a monolithic OS that's developed almost by a single team, 
they have control over what updates are available, and they have the freedom 
to get it wrong the first time and then spend two years getting it right 
without going out of business. Think about it this way: Under XP, you 
either install SP1, or you don't; under Mandrake, there are an unbounded 
number of upgrade paths.

XP just tracks files replaced in or removed from the C:\Windows hierarchy and 
chang

[Cooker] Peer to Peer Package Sharing (was Mandrake 9.1 Should be Delayed)

2003-03-07 Thread Vincent Meyer, MD
On Friday 07 March 2003 05:22 am, Paul Dorman wrote:
> Andi Payn wrote:
> >On Thursday 06 March 2003 22:00, Paul Dorman wrote:
> >>Or what about some kind of p2p solution? Where -light machines are
> >>networked to and updated from other -light machines across the net?
> >>Checksumming and other tools could be used to address security concerns.
> >
> >You know, I almost took a job working for a company that thought the time
> > for this had come a year and a half ago. Maybe it is more doable now,
> > at least for open source software (you don't have to worry about how to
> > bill people, how to force users to stay online whenever possible, etc.),
> > but there is still a major project, and there are problems that nobody's
> > yet solved.
>
> That's interesting. There seem to be a bunch of projects applying p2p in
> interesting and imaginative ways, so perhaps any problems wouldn't last
> for long...  The Linux community is getting bigger all the time; there
> has to be some threshold past which p2p could be effective.

This is a fantastic idea.  Since it is P2P, it could also be used to distribute 
non-Mandrake made packages, too.  Have the client check a master list of 
known signatures, and have the client separate "official" from "non-official" 
packages.

>
> >On the one hand, an open source project can just use an existing protocol
> >(say, gnutella) rather than building something new from scratch, and
> > doesn't need to worry about billing, etc. And just distributing SHA URI's
> > on official mirrors would be enough to search for the file online and
> > verify that you've downloaded the right one (and of course RPM signatures
> > provide security on top of that).
>
> Good, good. I was thinking something based on Gnutella. Many of the
> clients have built in discussion and chat facilities, as well as
> administrative tools. Lots to build off there.
>
> >But on the other hand, where does the network come from? If you build a
> > new p2p network from scratch, you need to get people online. 

We're already online!  Just a matter of getting things started.  Unlike music 
P2P - we ALL have the same "taste in music" - Mandrake packages.  Means much 
higher hit rate than other file share networks.

> >Most users
> > won't be connected to the network except when they're in the middle of
> > their own upgrade. 

Depends. Many users are connected to the internet on fairly fast connections 
for most of the day.  Any home user with a cable modem comes to mind.  If the 
client is only being searched for Mandrake packages, and not every form of 
music under the sun, search traffic shouldn't be too bad, and cpu usage 
shouldn't be too bad either. 

> >If you use, say, the existing gnutella network, you
> > have the advantage that every Mandrake user who's using gtkg, qtella,
> > limewire, etc. (assuming they've added their package repository to their
> > p2p upload directory list) is available--but the disadvantage that most
> > of the people on the network don't have the files you want.

>
> I think MandrakeSoft would be the ones to do it. The installer *is*
> looking pretty slick -- perhaps they have some spare developers looking
> for something to do ;oP The network, the tools needed to make it work,
> and the active community would be a great asset for the company.
> There's a lot of people using this distro, and the number of potential
> participants is growing all the time. Your CPU cycles, storage, and
> bandwidth could be a way of giving back to the community...

MandrakeSoft should provide the top level server, which could then be used to 
authenticate packages and such, too.  
>
> I think a separate network would be required - as then specialist
> functions particular to the purpose (such as developers flagging bugs
> they are working on, checking package integrity, etc.) can be done
> without the restrictions imposed by the capabilities of current Gnutella
> clients. Perhaps as the generic clients get more modular MandrakeNetwork
> plugins would be the thing...
>
> >Either way, you'll probably still need mirror sites--and I'm guessing it's
> >much easier to find someone who will run ftp, rsync, and/or http mirrors
> > than finding someone who will attach their mirror server to either a
> > brand-new p2p network or the existing gnutella network
>
> Clearly the more machines the better
>
> >>Oh, and I think that packages should be revertable on installed systems
> >>as well. Users should be protected against unstable software wherever
> >>possible, but at the same time they will demand the very latest releases.
> >
> >It would be nice to be able to downgrade through urpmi and the GUI tools
> > (of course you can already downgrade today--just download and
> > force-upgrade--but it's not as easy as installing or upgrading). If I try
> > to downgrade kdebase, it would tell me "you also need to downgrade
> > kdelibs and kdegames and uninstall kdevelop," and (if I approve) it would
> > go get the relev
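
Added example, not part of the original thread or any Mandrake tool: a sketch of the client-side check discussed above, where hash URIs published on an official mirror decide whether a file fetched from an untrusted peer is "official", "non-official", or a mismatched copy to reject. The `urn:<algo>:<base32>` layout follows the gnutella-style SHA-1 URN; the SHA-256 variant, the function names, the manifest shape and the package filenames are assumptions made for illustration.

```python
import base64
import hashlib
import hmac

# Digest algorithms accepted in the manifest (assumption of this example).
ALGORITHMS = {"sha1": hashlib.sha1, "sha256": hashlib.sha256}


def make_urn(data: bytes, algo: str = "sha256") -> str:
    """Build a urn:<algo>:<base32 digest> string, as the mirror would publish."""
    digest = ALGORITHMS[algo](data).digest()
    return f"urn:{algo}:" + base64.b32encode(digest).decode("ascii").rstrip("=")


def parse_urn(urn: str) -> tuple[str, bytes]:
    """Split a URN into (algorithm, raw digest); reject anything malformed."""
    scheme, algo, b32 = urn.split(":")  # ValueError unless exactly 3 parts
    algo = algo.lower()
    if scheme.lower() != "urn" or algo not in ALGORITHMS:
        raise ValueError(f"unsupported hash URN: {urn!r}")
    padded = b32.upper() + "=" * (-len(b32) % 8)
    digest = base64.b32decode(padded)  # binascii.Error is a ValueError
    if len(digest) != ALGORITHMS[algo]().digest_size:
        raise ValueError(f"wrong digest length in {urn!r}")
    return algo, digest


def classify(name: str, data: bytes, manifest: dict[str, str]) -> str:
    """Return 'official', 'non-official' or 'reject' for a peer-supplied file."""
    urn = manifest.get(name)
    if urn is None:
        return "non-official"  # not on the master list at all
    algo, expected = parse_urn(urn)
    actual = ALGORITHMS[algo](data).digest()
    # Name is on the list but the content differs: corrupted or tampered copy.
    return "official" if hmac.compare_digest(actual, expected) else "reject"


# Constructed sample data: stand-ins for package bytes, not real RPMs.
GOOD = b"constructed bytes standing in for kdebase-3.1-1mdk.i586.rpm"
MANIFEST = {"kdebase-3.1-1mdk.i586.rpm": make_urn(GOOD)}

if __name__ == "__main__":
    for name, blob in [("kdebase-3.1-1mdk.i586.rpm", GOOD),
                       ("kdebase-3.1-1mdk.i586.rpm", GOOD + b"\x00"),
                       ("thirdparty-1.0-1.i586.rpm", b"unlisted")]:
        print(name, "->", classify(name, blob, MANIFEST))
```

The manifest itself has to come from the official mirror over a channel the client trusts, and the RPM signature check still runs on top of this, as the thread notes.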