I was recently at MCH 2022[1], one of the big European hacker camps. We had some really good conversations about Spectrum, and I thought I'd share my takeaways here:
1. We were praised for our recent documentation efforts, both in implementing Diátaxis[2] and Architecture Decision Records[3]. So big thanks to Ville for spearheading the latter.
2. We talked about the use case of having multiple user data partitions. This would allow very strict separation of security domains, and could also be helpful for data portability — you could have one user data partition in your desktop, and another on a portable disk, for example. And if, way down the line, we want to do really cool things like have live migration of VMs between systems, architecting for multiple user data partitions will be a big help with that too.
This is one of those things where it's not difficult to do, as long as we plan for doing it that way from the start. But if we didn't do it that way from the start, and decided we wanted to add it later, I can see how we'd be in for a world of pain. So I think it's a sensible change to make. We're unlikely to regret making it, but reasonably likely to regret not having done it earlier if it becomes really important later on.
3. Something that can apparently be difficult for Qubes is having every VM have a unique, human-readable name in a global namespace. This means that, for example, disposable VMs have to try to generate a name that isn't already in use. This is especially relevant if we end up supporting multiple sources of VMs as described above.
So in the short term, we should probably change VMs to be identified with UUIDs, and have human-readable names be a layer on top. Not having human-readable unique names in a single global namespace will help with thinking about VMs in terms of capabilities.
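To make point 3 concrete, here is an added sketch (not Spectrum's code) contrasting a single global name registry, where a disposable VM has to probe for a free name, with UUID identity plus a non-unique label layer; the class names and the "source" field standing for a user data partition are invented for the illustration.

```python
# Added sketch, not Spectrum code; class and method names are invented for this illustration.
import uuid
from dataclasses import dataclass
from typing import Dict, List, Optional

class NameCollision(Exception):
    """Raised when the global human-readable namespace already holds the name."""

class NameRegistry:
    """Status quo: every VM needs a unique name in one global namespace."""
    def __init__(self) -> None:
        self._vms: Dict[str, str] = {}  # name -> source (user data partition)

    def create(self, name: str, source: str) -> str:
        if name in self._vms:
            raise NameCollision(name)  # "work" on the desktop blocks "work" on the portable disk
        self._vms[name] = source
        return name

    def create_disposable(self, source: str, base: str = "disp") -> str:
        # A disposable VM has to probe for an unused name before it can exist at all.
        n = 0
        while f"{base}{n}" in self._vms:
            n += 1
        return self.create(f"{base}{n}", source)

@dataclass
class VM:
    id: uuid.UUID
    source: str                   # user data partition the VM belongs to
    label: Optional[str] = None   # human-readable name, purely a layer on top

class UuidRegistry:
    """Proposal: identity is a fresh UUID; labels may repeat and may be absent."""
    def __init__(self) -> None:
        self._vms: Dict[uuid.UUID, VM] = {}

    def create(self, source: str, label: Optional[str] = None) -> VM:
        vm = VM(uuid.uuid4(), source, label)  # no name search, no collision possible
        self._vms[vm.id] = vm
        return vm

    def get(self, vm_id: uuid.UUID) -> VM:
        return self._vms[vm_id]  # the UUID is the only thing that designates a VM

    def by_label(self, label: str, source: Optional[str] = None) -> List[VM]:
        """Resolve a label for display or a CLI; the result may be several VMs or none."""
        return [vm for vm in self._vms.values()
                if vm.label == label and (source is None or vm.source == source)]
```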
Since points 2 and 3 are architectural changes, I'll write them up and submit them as proper ADRs when I get the chance.
[1]: https://mch2022.org/
[2]: https://diataxis.fr/
[3]: https://spectrum-os.org/doc/decisions/