March 21

Progress Report: Debut Album Artwork

So it’s been a while since I blogged about the debut album. The main news is the CD is now at the pressing plant. I had a local photographer come round to my cold conservatory and take some photos (Phil Richards Photography) – and then I went thru SimplyMarvellousMusic and Akcentmedia. Martin at SimplyMarvellousMusic handled the cover design (there are lots of options for packaging a CD!) and Akcentmedia (Sally & John) handle the whole QA process before submitting it to the production plant. I learnt loads about the process of production that I suspect traditionally musicians would be sheltered from by the technical folks at a record label.

So learnt that CDs are burnt typically following the DDP format. It’s basically a big file that containers all the songs (I suspect in a raw WAV format) but surrounding this are small metadata files – these including things like artist, song title and so on – the kind of things that are part and parcel of a format like MP3. To create the DDP files you first need to register with the PPL (https://www.ppluk.com/what-we-do/) which gets you a unique code (free to sign up, unique and lasts a lifetime) which is then added to every song you create and record. It’s from that royalties can be recovered. Mind you, I fully expect to have boxes of these CDs around the house for the next couple of years – so I don’t expect to buy my Hampshire pile next to George Harrison’s gaff anytime soon. Once I had the codes I met up with Dave and we outputted the DDP files. We used Reaper on this project, and it has the option to export DDP files, and there are loads of online tutorials on how to do that. If you working in a professional studio it’s something they will do for you.

I’m hoping to get the physical copy of the CD sometime in mid-April. I did think about doing the whole pre-order thing on Bandcamp – but the cautious person inside me felt unsure about selling something I didn’t have in my sticky paws – or had even played on a CD player. My plan when it arrives is to pop it in the car and go for a 40mins drive. Aside from getting ready in the morning, I seem to listen to music the most when I’m on the road.

Anyway, below are some proofs of the CD cover which will give you an idea of the look and feel.

Category: Michelle's Music | Comments Off on Progress Report: Debut Album Artwork
March 21

DEMO: Woman on a wire

So this is a song that improvised on my iPhone back in October 2023. I had hoped to sneak it onto my debut album, but after discussing things with David (my sound engineer/mixer/masterer) we decided that gap was too big in the recording window that sticking this track at the end of the album would sound a bit “odd” given that gap had grown to 4 months. So I guess this track will turn up on the difficult second album.

Many years ago I saw the documentary “Man on wire” which tells the story of one man’s successful attempt to walk a tightrope spanning the Twin Towers, in New York City. This happened back when I was a little kid in the 70s. I am always struck by the sheer chutzpah of someone doing that. But I was always struck by what a strong visual this made, and how it could work as a metaphor. You see life for everyone is like the tightrope – requiring bravery to put the first foot out, and resilience to stand the pain under the foot. Up there on the high wire can feel like a lonely place, and it’s often hard to see the people down on the ground wishing you to reach the other side. In my song the high wire is a test or trail you’re trying to overcome and just get to the other side – and that requires the tenacity to keep putting one foot in front of the other – and not to look down or look back – but keep one eye on the end of the rope.

At some stage, I want to record a studio version of this – perhaps a bit cut down – as it does go on a bit!

Category: Michelle's Music | Comments Off on DEMO: Woman on a wire
February 27

DEMO: Bring Her Home (Song for Brianna Ghey)

So this is a demo of a new song called “Bring Her Home” – a very rough cut just from my spare bedroom studio. The song is dedicated to Brianna Ghey, the trans girl who was recently stabbed to death in Linear Park. On a big level is really about how every parent just wishes their son or daughter, will come safely. That doesn’t seem to much to ask – but in the current climate of knife crime (and other violent crimes) in this country, it seems a big ask.

The title was inspired by the story of Tina Bell. She was last seen alive on Saturday 3 June 1989, and her remains were later found on 21 April 1990 on waste ground at the ICI Cassel Works, Billingham, Teesside. There was a recent unsolved murder documentary about Tina. She was 18 at the time of her death. When interviewed by the tv crew, they asked her brother what he hoped would be the impact of the programme – to which he replied very simply “Bring her home”.

I guess that speaks to the undescribable loss for a parent, or a child – whether a missing person or one whose circumstances of the death is unknown and justice is yet to be found.

I rarely write about relief events, less so events that are less than a couple of weeks ago. But I felt compelled to write the song when days later, Brianna’s death was reported on the news.

Due to my ill health, I couldn’t attend any of the street vigils for Brianna. So I played the song and lit a candle at home

Category: Michelle's Music | Comments Off on DEMO: Bring Her Home (Song for Brianna Ghey)
February 27

Talent Is Timeless

So I’ve entered a songwriting competition – my first!  I’m using the last song from my soon-to-be-released debut album called “Songs from a cold conservatory”. The song called “This time the darkness wins” was inspired by a holiday in Dumfries and Galloway. The competition is called “Talent is Timeless” a website set up to promote the creative efforts of those often overlooked by the music industry the over-50s.

The judges are a stellar bunch of folks including Judy Collins and Ralph McTell who have a thing to teach or two about the art of songwriting!

https://www.talentistimeless.com/2023-competition/ 

You can hear my entry on YouTube here:

Category: Michelle's Music | Comments Off on Talent Is Timeless
February 27

Debut Album: Updates, Launch and Merch

I can’t believe it’s been Nov 2022 since I last published anything here. I guess I’ve been focusing on my recovery (I recently had an altercation with a surgeon’s knife).  Each month I thought I would get back into the studio, but it kept on being pushed back and it wasn’t until Feb 2023 that I felt well enough to visit Cobbler Cottage Studios in Crich again. David my producer, engineer, mixer and master extraordinaire – played me back the final cut of the songs through a premium set of speakers – and I will be blown away. It is really very odd to be listening back to your own songs – and thinking “you know, this gal isn’t so bad” – almost forgetting it is me on the other end of the speaker cone. I hope that doesn’t sound too vain, but I surprised myself. In the end, the 9th track was dropped. So many months have elapsed since October when I was last in the studio, David felt it would be hard to re-capture the mood. The 9th track would have stuck out like a saw thumb. It was a good call. So the 9th track called “Woman on a wire” will appear on my second album. Since finishing recording in October of last year, I’ve written a further four songs. The plan is to leave it a year or two until the next album so I will have a clutch of songs that have been well worn in before heading to the studio. Between that time I’ll be doing my “demos” and putting them out online.

I really owe a lot to David and his partner Mel. It was David who collared me after a session in a local pub and said I should record. To be honest I was a bit taken aback, and thought him a bit loopy! But he must have seen something in that night’s performance that was worth committing to a recording. I guess that’s life, we are often surrounded by others who have more faith in us, than ourselves. So, really this album wouldn’t exist without David’s hard work and encouragement. I guess I should also acknowledge my brother in that  – who dared me to write “just one more song” to make up an EP, and ended up recording an album instead. That wasn’t part of the plan. But back in Feb 2022 when I started writing I had no idea whether the muses would desert me after 3 songs.

So where am I now? Well, the music has been rendered into a special format that uses at CD pressing plants. A local photographer friend of mine, Phil Richards has taken the photos for the album artwork – and I’m working with an online album cover designer. I’m days away from uploading the whole lot to the intermediary who works with the pressing plants. It’s been an interesting insight into the processes that happen in the background to create a CD. Yes, I know CDs how very 1990s. I mean who has CD player this day (I do!). CDs still remain a very cost-effective and durable way to get high-quality music to people who don’t necessarily use services like Amazon Music, Spotify or Apple Music. It’s a very easy way to distribute music at gigs rather than giving people download codes and such. CDs still offer independent artists (yes, I’m an artist now, allegedly) the best ‘margin’ on making and distributing music. Being an independent musician is a bit like being a small business. You have costs, margins and profit. Of course, my main goal is to recoup my outlay in making this music with the hope to be able to fund other endeavours such as the “difficult second album” (apparently they call this the Sophomore Slump in the US – which rather sounds like a dance craze from the 50s. You know – everyone’s doing it, everyone’s doing the Sophomore Slump)

As well, as the cost of recording and producing the CD, I’ve decided that my gigs will now have a merch table. One of the tracks on the album is called “The Robin” named after the small red-breasted bird. Folklore states that “when robins appear, loved ones are near”. It’s inspired by the feeling that both my Mum and I had, that an almost daily visit by robin during Winter, was actually the soul/spirit of my dearly departed Dad. Really the song I all about the love with have for loved ones (what else) and the desire to be near to them, even when they are far away. That could be because they have died, or simply because they live far away in foreign lands – or like a friend they come and go in your life, with the changing of the seasons. Very like the robin. So anyway, I’ve sourced some rather lovely robin themed merch for your delectation at gigs.

So I’ve had some cute robin mugs created, and some badges as well. The badges are made by local artist, Susy Moody.

 

 

 

 

 

 

 

 

 

So, it feels like it won’t be long until the CD is available. I just hope my health keeps on improving so I can get out there and play it for you.

 

Category: Michelle's Music | Comments Off on Debut Album: Updates, Launch and Merch
November 17

Debut Album: Songs from a cold conservatory

I’m currently working on my debut album. I’m recording at Cobbler Cottage Studios in Crich, Derbyshire. The working title is “Songs from a Cold Conservatory” and is a nod to my old practice space – a UPVC lean-too conservatory which is freezing in Winter and boiling hot in Summer. For logistical reasons I recently moved out of the conservatory into my living room – so my joke is that the follow-up album should be called “Songs from a Cosy Living Room”. That might actually work, that’s an album title – as Lou Reed said. Anyway, many thanks to both David and Mel at Cobbler Cottage Studios.

The songs for the conservatory are in the style of the confessional, heartfelt singer/songwriter mode. I’d be doubtful about calling myself a “folk musician” – although I appreciate the sentiment behind Louis Armstrong’s now legendary quote.  There are 9 tracks on the album which are all me and just a guitar. The rhythm, bass and cellist join me for the last track. The last song is optimistic from a “you can get through this” perspective – and might mark my next direction both musically and lyrically – towards a more collaborative approach with fellow musicians – and songs that give people encouragement to keep on, keeping on [dig the Curtis Mayfield reference there I hope!]

We have one last song to record in January 2023. The remaining tracks are as I type being mixed and mastered – so with luck, the album should be out in the first quarter of 2023. It will ship as CD (how quaint) and as a digital download on Bandcamp. It won’t be on Amazon Music, Apple Music or Spotify – or any of those sites that rip off musicians away that would make an A&R person blush at an established recording company. There will be a limited on-demand vinyl recording for those people who prefer that medium. By on-demand that means that they are pressed and produced as single entities – I think I will offer these with the option of them being signed, perhaps with some kind of bonus element – purchasing the vinyl will come with a download code for digital copy included in the price.

These are very expensive and I won’t make a single cent on the vinyl copies – but quite like the idea of having a vinyl copy.

Category: Michelle's Music | Comments Off on Debut Album: Songs from a cold conservatory
November 15

Mastodon and the Miocene Era of the Internet

It’s no irony to me that the up-and-coming internet platform is named after a once-extinct animal whose period on earth ended some 5 million years ago.  For many, it’s a refreshing reminder of the idealism of the early days of mass internet use ushered in the 90s.  Oh, how sweetly naive and innocent we all were back then – with our talk of “information superhighways”. Little did we know what kind of virtual world we were constructing almost 30 years hence. Like the mastodon of yore, those heady days seem a lifetime ago, but the reality is those changes happened within our lifetimes. So in this post, I want to reflect on where we came from, where we have been and where we might be going.

For some, the woes of Twitter started a couple of weeks ago with the acquisition by Musk, and a series of miss steps that would make even Liz Truss blush. The reality is the rot had set in some years ago – and had always been there hiding in plain sight. There’s been a lot of analysis of Twitter and its impact on our culture – which I find personally a bit troublesome. Twitter exerts its influence far in excess of its subscriber base. Compared to other platforms like Facebook, its relative minnow – and those who are on it – who have far more followers than follow – it exerts an influence on the public discourse which reveals the vast inequalities of our societies. Twitter was meant to be the great leveller – giving ordinary folks access to persons of note, and making persons of note more accessible. The reality is Twitter merely reflects the power differential at play in our society and culture. Why should a site of some 200m have so much influence it has compared to the 8 billion people this earth currently houses? The vast majority of my friends and family have no interest in Twitter, never have and never will.

Sometimes I’ve been a bit embarrassed by the world of “Social Media”. It’s an environment my generation helped in part to build and sanction – that we let loose on our kids. We assumed that people would happily give up their data in exchange for free stuff – and we naively and optimistically assumed it wouldn’t be used to groom people for terrorist organisations or promote suicide as a viable option for teenage girls. And to this day we allow unregulated algorithms to be bought and sold by political parties – so they can push a hateful agenda to an unsuspecting public. If Twitter and social media are a cesspit – it is in part because we and our politicians have allowed it to become so. And because we said they were platforms, not publications – where free speech absolutists can say what they like, to who like – without consequence. This is not a great message to send to the young – that what you say doesn’t matter, and therefore you can say what you like.

It’s worth reminding ourselves that Twitter started out with the same idealism that Mastodon currently enjoys. Over time it became an engine by which people with polarised views took lumps out of each other. I joined Twitter in 2009 when friends told me there was a discussion about a blog post I’d written. I challenge anyone not to be interested in a conversation where they or their content is the primary subject matter 🙂 . Reader. I held up no resistance. Back then I had a small Twitter community of some 100 followers and 100 followed. And it was like an early Slack channel (I remember IRC), a real-time extension of some of the VMware Communities forums where I’d first met people who I would later meet for real, and also come to call friends.

It didn’t stay that way. Pretty quickly Twitter evolved or our use of it evolved to pushing “content” to our “followers” and building status as “influencers”. Of course, that was limited to the mainly esoteric world of enterprise IT. I think that’s when I started to lose interest – when it was less about shoutouts for help, advice and opinions – more of a one-way broadcasting system. As my number of “followed” increased I found I couldn’t keep up with the volume of Tweets. In short, I discovered I could not read the whole of the internet.

Can Twitter ever make money? I would argue not. It turns out it’s really difficult to turn a micro-blogging site of 200m users into a viable platform for advertisers. Unlike FB which is primarily used by a generation of users who seem to relish filling out profile pages with valuable metadata – Twitter doesn’t seem to hold that information so readily. I guess that’s one fear folks moving to Mastodon have – that in a desperate bid to monetize that which has been resistant to monetization – the privacy and protections previously “enjoyed” will be open to ML/AI engines to be mined for advertising-friendly metadata. It’s one of the reasons I archived all my tweets and then used TweetDelete to remove them. Clearly, the attempts in the shape of Tweet Blue have been so bad, the “product” was withdrawn within 48 hours. That to me demonstrates the unwillingness of the user base to pay for a system they have previously enjoyed for free. Maybe the only viable and stable model for micro-blogging is minimal-cost Mastodon instances like one’s personal blog which then allows a micro-blogging presence in a non-commercial environment. IF that is the case – then don’t expect it to look anything like Twitter in practice.

Can Mastodon avoid becoming yet another cesspit? I would hope so – and someone would say that system that is NOT built on an algorithm that rewards conflict and hate means that it will. I’m more sceptical. Sadly, I believe there isn’t any human invention and innovation that doesn’t come with negatives and fail to see why Mastodon will be any different. The truth is there is light and darkness in the human population and people bring that light and darkness into everything they do – there’s nothing really in Mastodon that would stop darkness – except for a well-expressed server rule and good moderator. That assumes everyone doesn’t set up their own Mastodon host and become their own self-policing person. Bad actors and bad servers can be blocked – but won’t that merely create a series of different echo chambers creating a false impression of unity and harmony – which could be quite different from the world outside your door?

This week seems feels less insane than the last couple of weeks in the Birdsphere. Whether that continues is anyone’s guess. Right now although lots of people have moved, it’s far from the mass exodus many predicted. Musk is calculating that his users are emotionally tied to their followers and unwilling to abandon the network they have created there. As for myself, this feels like a good time to move on. I recently renamed my Twitter account to “Michelle Laverick Music” and use it to promote my music, videos, gigs and recordings. The truth is a felt queasy doing that. My “audience” (if that doesn’t sound too egotistical) followed me for my contribution to IT, not music. And it did feel like a was grifting my Twitter followers for entirely different purposes. The move to Mastodon seems a good time to start afresh with a tabula rasa. Also, I was cautious about “pushing” issues that my original Twitter followers might not be interested in such as my politics or my views on trans. With a new ID on a new platform, I feel more at liberty to express those views.

Finally, no one knows what the future will bring – Musk himself has warned about bankruptcy, and introduced the working culture of presenteeism and long-hours common in a start-up. Twitter isn’t a start-up, and it’s unclear to me why any experienced member of staff would hang around for Foxconn-style T&C of employment. Some predict that Twitter will become unstable, unreliable and unusable within 6 months – personally, that seems to be a bit pre-emptive – but who am I to predict the future? That remains to be seen – my concern is that if the mass exodus does occur and at a swift pace – Mastodon’s distributed model isn’t yet able to absorb that demand – and there needs to be a method distributing new sign-ups beyond people picking the most popular hosts within the system. I’d love to see the big WordPress hosters start to offer a personal Mastodon instance. I’d love to see vendors like Synology offer native Mastodon instances on their NAS arrays. I’d also love to see a more enhanced method of finding and following individuals than the process we currently enjoy.

And for all our sakes I hope it starts a return to civil discourse not based on character assassination and smear – but a space that allows for the curious and kind to debate and discusses real issues in good faith. You see, forever the idealist.

Category: Other | Comments Off on Mastodon and the Miocene Era of the Internet
November 10

So I don’t blog much – Mastodon & Twitter

So I realise I’ve NOT blogged much recently – to tell you the truth I’m so busy working at Droplet – I don’t actually have much time on my hands to do so. Maybe that will change in the next year – I don’t know.

So the subject of this blog is Mastodon and Twitter. I don’t want to get into the whys and wherefores of recent developments – although I have an interest in those – I assume those opinions are better expressed by other people elsewhere – and I’m not sure whether my commentary would add much. I’m more interested in the technical side of things…

Setting Up your Mastodon Server?

Firstly, you have to ask yourself the question – why? My reason was I wanted a friendly handle – and with the volumes of folks bailing from Twitter – some of the Mastodon Servers are quite heavily loaded and are taking 24hrs to process sign-ups. Anyone who isn’t tech savvy is going pick and handle and run with it. This is like the early day’s internet where there was a plethora of email websites offering their services for free to sign-up people. If you want your own Mastodon Server chances you serving not just yourself but a community of folks who share stuff in common. Consider this is going to cost you money – whether you sign up for SaaS service or have a more VM-based configuration. Clearly, you could setup Mastodon on your homelab where you may have already paid for CPU/Memory/Network resources – but have to consider the availability and upstream/downstream bandwidth. Being a rural location power reliability is bit of an issue for me – and my bandwidth is current domestic broadband. All in all having this thing hosted and managed like my WordPress blog is – made more sense.

Mastodon is based on Linux and isn’t easy to set up from scratch. Initially, I tried a free-tier Azure VM and started installing modules. I hit a roadblock and gave up. I later found out there was Ansible Playbook based on YAML I could have used. In the end, I found a few providers offering dedicated VM with the Mastodon installer service. Unlike WordPress hosters, this is a bit more niche so I went with https://elest.io/ running off the Hetzer cloud. So Elestio is like the orchestration engine overly – with a series of different cloud providers which creates a kind of “marketplace”. Once the service was provisioned I used my existing dreamhost.com subscription to register a friendly domain – https://www.folk-music.uk.

[I’ve become increasingly interested in the folk music of England, Scotland, Ireland and Wales – apologises to my independence chums – in haste registered UK, in hindsight, I should have picked something more neutral!]

As you might expect it took a while for DNS to proliferate – but once done – Elest.io has a handy SSL registering system where you put in your FQDN (www.folk-music.uk] and the domain [folk-music.uk] and they handle all the SSL stuff for you – pretty neat as SSL can be a bit of nightmare on any platform. Many thanks to the support folks at Elestio who fixed my SSL issues because I didn’t RTFM…

There’s some work that needs to be done post config in the Mastodon “administration” pages when you’re logged into Mastodon with your admin credentials – metadata need to be included such as:

  • Site Setting – you need to fill out stuff like admin username, your email used to log in for admin, a short server description (visible) to subscribers, server description (I put things in like where its hosted and hardware specification), welcome logo
  • Server Rules – these are the “Acceptable Usage” style rules you would see when you sign up such as zero tolerance to hate speech…

Once done you can submit the URL of the Mastodon Server to an email address – which feels quaint – but I haven’t discovered a web-based API method for this task – I recall seeing it but couldn’t find it again…

Followers & The Followed

If you have more followers than you follow on Twitter there is not an easy programmatically way to port that across – and why should they? It’s your decision to move to another platform – and you can’t make free people follow you! There is an API to scan the people you follow – look for their Mastodon ID in their Twitter info and then follow them in Mastodon. This is NOT pretty but it can be done. This is how it works:

  • Run https://fedifinder.glitch.me/ and Authorise your Twitter
  • Let it search your lists and the folks you follow…
  • Export to CSV
  • Then import to Mastodon using the import and export functions

Did this find everyone? No.

Not everyone is Mastodon.

Not everyone has put Mastodon in their profile.

So I’m thinking once a month I will re-run this process until I decide to give up. It’s worth saying there’s is nothing I can do about the 11k people who followed me on Twitter. My view is I’m not walking away from those people – many of who are my friends – but I’m not for the moment “Active on Twitter” until we find out what the heck is going on. [See what I did there?]

A Safe and Reliable Exit Strategy:

I like to see the decision to leave Twitter and go elsewhere as if you were migrating from version 5.0 of one product to version 9.0 of another. This isn’t an upgrade but a migration to a whole new platform. Don’t burn your bridges to the old platform overnight. It’s going to take time to build up the new presence and time to back out of the old commitment. Do it at your pace, at your own schedule.

  1. I’m not leaving Twitter – but I going to archive my tweets and delete my history. I’ve done this once before when Michelle Laverick became Michelle Laverick Music. I decided my old tweets needed to go – and I was going to focus on music not technology or ranting about politics. I singularly failed to stay focused purely on music! If you want to do this. Request a download of your Twitter activity – this is very small as its just metadata (its also a great example of great coding by Twitter engineers – its so storage efficient)
  2. This takes a while (like a day to get and download). Then use TweetDelete to upload the .zip file and purge your tweets…
  3. It is recommended NOT to deactivate your Twitter account but to park it to avoid someone taking over your ID buying a blue tick for $8 and passing themselves off as you – this is like the FB scam where people FB accounts to impersonate others…

So I’m keeping my Twitter account but it’s going to run VERY much like my TikTok and Instagram accounts – I just use them as “publishing” platforms to post videos, gigs and recordings when they become available. My “active” platforms will be Facebook (where my friends live) and Mastadon where I subject people to my Tufo eating, Guardian Reading, Mastadonarti views –  like respect for all and human rights – you know those seemingly outdated notions in the world of free speech snowflakes who complain about cancel culture when their precious opinions are questioned. You know where I’m going with this right?

What’s Mastadon Like:

Well, Twitter it is not. This is open-sorcery, and it kind of feels like the early days of the internet circa 1990s which is actually kind of refreshing and thrilling. People who expect the slickness of commercial products backed by millions or billions of VC dollars are going to find out that a scaleable distributed micro-blogging service takes time to stand up, especially when within days it suddenly got a surge of new sign-ups

Personally, I’m worried about how easy it is for anyone to stand a Mastodon Server up and advertise on other platforms – what are you connecting to? who is running the service? Are they trustworthy? If they have root access what is stopping a rogue admin from using a Mastodon as a glorified honeypot for the collection of emails for phishing or scamming purposes? AFAIK there’s no encryption in Mastodon and the admin has rights to the mySQL DB and can dump the contents of DMs. That doesn’t seem terribly secure to me. This history of the internet is to a degree of naive idealists setting up services with little or no security, and then having to retrofit security. This is not a good model – as it generally means closing the stable door after the horse has bolted.

There are folks saying you must delete and leave Twitter for fear itself could be leveraged as part of some kind of bizarre witch-hunt reminiscent of the McCarthy era. Personally, I find this to be scare-mongering and borderline conspiracy theory [why do I feel like I’m typing famous last words!] But I suspect if anyone wanted to target you – it would be just as easy to do that with Mastodon. Where there is a will there’s always a way.

Final Tips:  Use Mastodon thru a web browser it currently feels so much better than the official Mastodon app (sorry guys) there are other Mastodon Clients out there – and I’ll be testing those until I find one that works how like on my Mac, iPhone and iPAD. You see, I’m still in bed with evil corporates – and my favourite web browser, photos and maps – yes our friends at google.

But hey, at least the CEO of Apple and Google have the good sense of not go around telling their customers how to vote…

 

Category: Other | Comments Off on So I don’t blog much – Mastodon & Twitter
June 16

Droplet Container Support Scenarios

Back when I started with Droplet (it will be two years in Sept 2021!)  we had quite a simple product. Back then we just had two container types and a limited number of places where we supported them. Since then we have had many different container types running both in physical, virtual, and cloud environments. Additionally, there’s been an explosion of features and possible configuration options. I’m pleased to say that 100% of this development has been customer and demand-led. That’s how I feel it should be, and how it should remain. I’ve seen software companies go adrift chasing featurism. The endless development of new features simply to have something “new” to bring to customers, which lacks a strong, compelling use case driven by customer need.

Most software companies address this increased “flexibility” (what they mean is complexity!) by series of tables or matrix. I find these a turn-off mainly because they are not focused on the organization and reduces a product to series to “tick boxes”. I think they are difficult to navigate, often confusing in their own right – and don’t simplify the story in the way they intend. I prefer to have series of scenarios that are firmly rooted in a real-world scenario which makes it much easier for organizations, partners, and our staff to ask the right questions, and save in the process customers bags of time and energy – especially now we have 4 core types of container – with two sub-types within each category. Of course, even a scenario approach has its limitations – in that few organizations fit into a “one size fits all” – so multiple scenarios can and do exist – which lends itself to a more “blended” solution. The other thing I don’t like about matrices is they lead to drag-race comparisons between vendors based on a feature list – how often is it the case that a missing X or present X is latched onto as a deal-breaker – only to find that feature never gets enabled once in production!

So let’s look at some common scenarios and outline what my recommendations would be for the customer…

Scenario 1: Legacy Apps on Physical Hardware

This is probably our most common scenario – although I would say a significant minority of customers are using our technology to deliver a modern application stack.

Whether you’re running on Microsoft Windows 10, Apple macOS, or Google Chromebook I would recommend our DCI-M7x32 container leveraging the native hardware acceleration provided by the local OS. In the case of Microsoft Windows 10 that would be WHPX, Apple macOS that would be HVF, or on Google Chromebook those would be the KVM extensions. The DCI-M7x32 container is a good all-rounder for both legacy, and some modern applications too – and is probably our most popular container type.

Scenario 2: Legacy Apps On-premises VDI environments

We support hardware acceleration in VDI environments where Windows 10 is the primary OS running inside the VM. For on-premises environments like VMware vSphere, the Intel-VT or AMD-V attributes need to be exposed to the VM. For on-premises environments, we would recommend using Windows 10 Version 1909 or higher. Assuming you have all your ducks-in-a-row, then we would recommend our DCI-M7x32. In short, physical and virtual environments are treated equally. In case you don’t know hardware acceleration to the VM is very easy to enable on the properties of the CPU in VMware vSphere:

 

Scenario 3: Legacy Apps on Multi-Session environments

In this case, a server OS is enabled Microsoft Remote Desktop Session Host (aka Terminal Services) and multiple users connect either to a shared desktop or shared application infrastructure. In this scenario, we would recommend our multi-session container which is 64-bit enabled – the DCI-M7x64. Although this container type doesn’t currently support hardware acceleration it does provide up to 4-core and 192GB of memory. So that offers fantastic scalability – where one container image is accessible to multiple users – offering the same concurrency model as the RDSH host within it runs.

In Microsoft WVD Whilst E-series-v4 and D-series-v4 instances do pass hardware acceleration the benefits are limited to a power-user style environment where there is a 1-2-1 relationship between the user and desktop. In our literature, we refer to the model offering as the “Flexible Model”. As each user gets their own personal container accelerated by Intel-VT. In this case, the DCI-M7x32 container is the best type to go with.

In environments like Microsoft WVD we recommend the same configuration as we would with a RDSH – essentially Windows 10 Multi-session offers the same multi-user functionality RDS enabled Windows 2016/2019 server. The DCI-M7x64 container which multi-session enabled offers greater consolidation and concurrency ratios.  Laying the technical issues aside for a moment, economically, the utility model seems to allow wins as a multi-session environment is always going to offer consolidation and concurrency benefits. In our literature, we refer to this as the “Scalable Model” as this most cost-effective method of serving up containerized apps to multiple users. There’s an implicit lack of scalability for a multi-session container on a 32-bit kernel. Since that kernel is limited to using 4GB of memory – it means once you have around 9-10 users connected into the container – you run the risk of ‘out of memory’ conditions and swap activity. On an x64 container that isn’t a problem as the maximum amount of configurable RAM is 192GB.

Scenario 4: Modern Apps on Physical or Virtual Hardware

Frequently we have organizations wanting to run modern apps of Windows 10 rather than installing those apps directly to the OS. The reason for this can be multiple – but often it’s about wanting to decouple the apps from the OS to allow for portability, security and able ingest Windows 10 updates without fearing they will clobber the delicate blend applications. Another motivation can be trying to support applications across other platforms like Apple macOS or Google Chromebook. As the Droplet image is portable across all three platforms without modification it’s often the best approach.

In a pure Windows 10 environment – whether that was physical or virtual we would recommend the DCI-M8x32 or DCI-M8x64 container with hardware acceleration – the same container type would be used on the Google Chromebook. The Apple macOS on the other hand would benefit from the use of our DCI-M8x32 which we have been running for some time – which gives excellent performance. We do have a DCI-10×64 container type but you do need that with physical hardware (currently it’s simply too resource-intensive for a virtual/cloud environment – although that will change with improvements in software and hardware). We tend to reserve the DCI-M10x64 container for high-end devices (8-16GB, SSD/Nvme) as this offsets the payload associated with this generation of the kernel.

Scenario 5: Really Jurassic Apps on Physical or Virtual

Occasionally, we come across an organization with really old applications. For these organizations I recommend, they give the DCI-M7 container type a try, as often we find even really old applications will install and run inside our container runtime. If that’s not the case then I would recommend the DCI-X container type (hint: X refers to cross-compatibility). It offers the same “Droplet Seamless App” experience but contains an old set of application binaries and frameworks, often missing or depreciated in the DCI-M7 generation.

 

Category: Droplet Computing | Comments Off on Droplet Container Support Scenarios
June 9

Droplet Networking (Part 2 of 2) Walls Of Fire

Sorry, it just amuses me that we use the term “firewall”. Yup, I know it comes from the construction industry, as a way of saving people’s lives and the integrity of the building. I sometimes wish hackers and other bad actors did have to walk-through fire as part of their punishment – but I guess that’s against some crazy health and safety laws. If you don’t know by now, I am joking. Besides which I felt “Walls of Fire” is a suitable “clickbaity” blogpost title that might garner me some additional views – and if that is the case, I’m very sorry for that.

So anyway, in the Droplet we have two firewalls – external inbound, and internal outbound. The important thing about the external inbound firewall is that is turned on by default and blocks all inbound traffic. There is no API or SDK – which means there are controls for the hacker leverage to facilitate an attack. That does have implications clearly for “push” based events, but so far in my experience the vast majority of networking activity is actually “pull” based – in that some software inside the container is responsible for initiating network activity. In that case, our triggers the internal outbound firewall…

The internal outbound is stateful by design – which is just firewall speak for saying that if a client apps open a TCP/UDP port to the network, then allow that to pass – and when communication ends or times out – then close that door. It’s the basis of many firewalls for decades. By default, our outbound firewall doesn’t block any traffic (remember ping and tracert do NOT work inside our container). The default configuration allows ANY:ANY. To a great degree, this is a deliberate choice on our part to deviate away from our usual stances of “all the doors are closed until you open them”.

[Aside: It’s the response to the reality in our time-pressed world, that almost no one has the time to RTFM these days. Heck, I’m surprised you even have time to read this blog post – but here you are. Thanks for that 🙂 ]

So, if we made our default BLOCK:BLOCK precisely zero packets would be able to leave the container, and we spend hours explaining why that was the case… So, if you look at our default firewall configuration when the container is powered off this is what you will see:

Changes to the firewall require access to the Droplet Administrator password, and that the container is shut down or the droplet service stopped. The changes made in this UI are permanent and survive reboots and shutdowns.

Note: Enabling block with no rules defines – blocks ALL network traffic from the container. This is a viable configuration if you wanting to block all communications in and out of the container except those allowed by our redirection settings or other internal droplet processes.

I can make this configuration very restrictive by only allowing port 80 traffic inside the container to work for 192.168.101.101, 192.168.101.104, and 192.168.101.105. This is common when a customer is running a legacy web browser for example IE8 to connect to a legacy backend web service.

In this screengrab below the web service running 192.168.101.101 is accessible (incidentally it’s running in a Droplet Server Container protected by secure and encrypted link…) but www.dropletcomputing.com is not accessible – notice also how my mapped network drive to S: no longer works. The Droplet redirected drives still function – which goes to show that for every rule – there’s an exception. So, our firewall does not block our own trusted internal communications – such that drives our file replication service.

 

Category: Droplet Computing | Comments Off on Droplet Networking (Part 2 of 2) Walls Of Fire