Show HN: Gridspot, 10x cheaper cloud compute using distributed computing 266 points by adamsmith on July 10, 2012 | hide | past | favorite | 144 comments

 "Thus, we decided to only run computations when the outdoor temperature near the user is below a certain level (currently 16 degrees Celcius). When it's that cold outside, we assume that the computer's room is being heated anyway. All of the electricity used to do computations gets turned into heat, according to the laws of physics. So the heat generated by the computations displaces the need for heat generated by a heater, eliminating or minimizing the net elecricity usage."https://gridspot.com/gridspot_safeDoesn't work in the USA. Natural gas heating in the US averages \$10.80/thousand cubic feet ~= \$10/gigajoule [1]. Electricity averages \$0.1179/kWh ~= \$33/gigajoule [1] -- more than three as expensive for raw heat. Natural gas heating is twice as common in US homes, with about 55.6 million vs. 28.4 million using electric resistance heating [2] -- not including 9.8 million electric heat pumps.In the common case, you're displacing cheap gas heating with expensive electric resistance heating; the cost "savings" on heating is small. At 100W power consumption, you're spending 1.2 cents/hour on electricity, saving 0.4 cents/hour on gas, for a net loss of 0.8 cents/hour. Meanwhile your CPU is being sold for 0.1 - 0.3 cents/hour [3] -- far less than the electricity needed to run it, apparently (?).[1] http://www.eia.gov/forecasts/steo/report/prices.cfm (residential retail prices, 2011)European costs for comparison:
 Break-even is 0.2 cents/hour per core for a 4-core system that uses 100 watts. A full i7-3770K system with integrated graphics uses 102 watts under heavy load [1], and when each of its 4 cores sells for 0.2 cents/hour, that covers the 4*0.2 = 0.8 cents/hour difference from natural gas to electricity. 0.3 cents/hour covers the entire electricity usage, providing free heat.
 Okay, if it's per core-hour that's different.
 I think their point in the passage that you quoted was to argue that it was environment-friendly, not cost-effective.
 At the very least by running in cooler temperatures, you're avoiding the need for additional air conditioning.
 From [1] - "Our users volunteer their idle compute resources because they want to be part of something valuable to the world. We believe that this is a motivator far more powerful than paying people a small amount of money every month.".Yeah, I don't think that is going to work, especially because you are for-profit organization not SETI
 There's a surprising behavioral economics result that says people will do things for free that they won't do for small amounts of money. A check in the mail for a dollar or two every month isn't as compelling as being part of a group effort.And empirically, it seems to be working. The number of contributing machines is currently in the six figures. The main risk right now is on the demand side, i.e. whether or not people want this type of compute.
 Your "giving back" paragraph about what motivates your users is completely dishonest. You know your users are clueless and installed your client because it was bundled with an application they actually wanted to use.
 Care to elaborate? What programs bundle this?
 You have 100k computers running this? How come I've never heard of it and don't see a place to sign up to be a host computer?
 Seriously? Installer link is on the homepage: https://gridspot.com/
 hah, doh. Thought the article linked to the homepage, still think they should have a link from the /compute/ page, people might be interested in both using and being used for this.
 I can think of precisely zero ethical ways you could already have more than 100k machines participating. An explanation from you would be very, very nice to see.
 Well, people won't do things for free, if someone takes the money for their effort. What is the number of contributors who know exactly what's going on?
 Wow, really, six figures? 250 results for "gridspot.com" on google, and yet you have 100000+ computers running this software? I want to hire you! I'll pay you 10 figures/month!
 This comment is quite rude, but I still haven't seen an answer for this yet. How did you get all these users to donate their computers even though nobody seems to have heard of you yet? Something seems fishy, and I wish you'd answer.
 Fake it till you make it? I don't know for sure, but could they be subsidising the launch by running instances on EC2? ... When they get enough hosts signed up, switch over to their distributed model, or even run a hybrid combination to handle demand spikes.
 Google shows results for "gridspot.exe" on ID-this-process sites dating from mid-March. So it's out there and has been for a few months. The question is whose machines it's running on.
 Google also has this link as the #1 link ... well for me anyways.http://answers.yahoo.com/question/index?qid=20120329124823AA...It does in bring into question whether or not gridspot.exe was installed nefariously.
 Selling botnets as cloud service? That is not be such a bad idea after all...
 An obvious way to do this is how consumers can upload solar power to the grid, and it comes off their bill.With enough people involved, the compute version of this could be self-sustaining, and the infrastructure guys just take a wee percentage. They are unlikely to be replaced by purely free infrastructure, because money is involved (even if in the form of credits). If there was a shortage at particular time, some people might supply that themselves, for extra cash. Distributed compute supply = local compute supply, with latency advantages.
 I don't get this.People install their program, contribute the power of their computers for free and Gridspot takes money.Why would anyone do this? Why would anyone contribute their computer resource for other people to make money from that? I would rather, I don't know, mine bitcoins or set up a Tor proxy.
 This seems too good to be true, but it's working great for me!With no credit card, I got an instance with 3 GB RAM running in less than 60 seconds. It costs \$0.002 per hour.One glitch: Both the UI and the API say there are 2 instances running, but they both have the same IP address and port. If there really are 2 instances, how do I ssh to the second one?
 That sounds like a bug! Just sent you email : )
 I've got another one for you :)The Add Credit Card link is pointing here:
 How embarrassing (but fixed now). That was introduced when I added the ability to boot five instances without a credit card. Thanks for letting me know!
 Another possible bug is that the UI reports 1.56 core-hours used, but my single-core instance has only been running 24 minutes.
 Ok!, the two instances you were seeing were duplicate listings of the same instance. That bug was introduced a few days ago by some database optimizations, and is now fixed! Thanks for reporting it.The 1.56 core-hours is mostly from inst_KGN6tZdFgoeL2C9KPKBsNA which has four physical cpus and has been running for almost an hour at this point.Thanks so much for trying this out!!!
 It shouldn't matter how many physical CPUs there are, I only care how many my VM can use and how fast each one is.If `cat /proc/cpuinfo` or `top` only shows one CPU, I wouldn't expect to be charged for 4 of them.
 You are of course absolutely right! There was a bug (now fixed) that was causing only one cpu to show up in the VMs. All instances started after now should have the proper number of cpus visible.(Note, the number of cpus might be higher than the number of physical cpus if the host cpu supports hyperthreading.)
 This is great - it looks to have some very sensible answers to many of the questions of how a distributed cloud would work.The thing that excites me most about a distributed cloud is that it could turn the notion of elastic computing on its head. You can buy your peak compute requirement, and sell back the surplus. So you can get elastic computing not by re-engineering your own systems, but by selling excess capacity to those whose workloads are a good match.
 Here's how you sustain this model: package the VM with free software just like the toolbar guys do. You pay the software guys a cut of the profit for every setup they have running (referral fee) and users get a new way to "pay" for software. I like this idea much better than all the spyware/crapware software vendors have to package into their product to earn a living.Consumers don't care about \$2/month but a business would care about getting paid \$2/month thousands of times.Edit: If a VM is too big to download all at once with a freeware product, you just install the seed software. Then, over the next few days, the seed software downloads the VM and slowly sets it up so there's no disruption to the customer's activity on the computer.I would also suggest you reserve the space needed on the disk with an empty file, roughly the size of the VM file. This way it's clear just how much space this newly installed software is taking on the customer's computer.This is all based on the idea that the customer agreed to this during the installation. To what extent "agreed" is left up to you to decide. I'd suggest a dedicated page during the installation with a prechecked box that explains what this is and what it's about to do.
 I disagree. I don't think many companies that have 1000 computers would do this for \$2/mo per node. That's like \$22,000, also known as a rounding error for those kinds of companies. Besides, those companies tend to frown on these suspect applications.
 No, I don't mean for companies to run it on their own servers, I mean for them to bundle the software with freeware software. The kind you find on download.com.Often, freeware software developers bundle toolbars and other spyware/crapware with their software to make money. My suggestion would be to allow them to include the VM with their software instead of spyware/crapware toolbars. These freeware authors would earn a commission for every VM install that makes money.Freeware developers need to earn money but their main option is to bundle their code with crapware now. This would be a nice alternative to that awful option.
 Thanks. But that's an assumption. He / they should write relevant company informations on gridspot.com.
 No, it's Adam but you're right that he should write something about himself within the company website. In the meantime, you can see him answering feedback in the comments of this discussion. Here's one of them http://news.ycombinator.com/item?id=4226286
 I agree, it's bizarre to have a commercial website with no contacts, legal information, and a disguised whois registration.
 So the customer pays Gridspot and Gridspot does not pay anything to the person whose computer is actually doing the work? Great business model if you can make it work.
 reminds me of skype, but the differnce is that with skype I only want one good connection, so find the best one through the forest... but this one?
 The difference is that most Skype users don't even know they are carrying traffic for the network. The client silently punches a whole in their router and makes itself a pain to close (for example by reconfiguring what the red X does) without ever explaining why it wants to keep running so badly.
 My understanding is that after MSFT acquisition, they don't use their customer devices as supernodes anymore [1]. For "silent hole punching" with UPnP, that is very much business as usual for any VoIP application as well as other applications, such as Windows' Teredo IPv6 thingy.[1]: Ars Technica seems to confirm: http://arstechnica.com/business/2012/05/skype-replaces-p2p-s...
 Now that was news to me :) Didn't know they've changed it that way. Thanks for the article!
 This is completely news to me. One of those "WTF?" moments!
 This would be perfect for crawling with a large number of distinct IP addresses, or for fighting DDOS attacks.However:"All network traffic is proxied through a central data center we maintain."
 Yeah, to be honest we're trying to avoid the business of selling wholesale access to a lot of IP addresses, hence the proxying of traffic.If there are specific, legitimate uses for a large number of IPs, for example fighting DDOS, then that might be something we should build!
 I don't know about 'legitimate', but I can think of plenty of specific ones. I say build it (just might want to incorporate it separately... possibly in Sweden..)
 How is possible to fight a DDOS attack with lots of IP addresses?
 Increase the attack surface area. With anycast the nearest nodes to the attackers "sink" all of the traffic. The rest of the nodes continue to serve other customers with no I'll effect.With this product you will have a very wide base of unicast addresses. Treat each node/address as disposable. Use fast failing health checks and an out of band control plane. As each node falls to attack remove it from your service discovery layer (DNS/http 302/etc). See "fast flux dns" for implementation ideas. The attacker will spend a disproportionate amount of resources (packets/s) attacking each of your disposable nodes. The majority of your "good" customers will continue to be served. In a traditional tiered architecture the L3->L7 routing layer (LB/Proxy) is very expensive to scale vertically. Your data store & compute end are clustered behind these choke points. Remove/minimize shared state and you can have independent units of compute. Remove those L3->L7 choke points and you can get a wider & flatter L1->L3 network fabric. Besides increased durability you get more aggregate bandwidth per \$.
 Fighting fire with fire:
 I think panarky meant flee/hide from.
 I'm curious to see if this works."SETI but paid" is a very tempting idea, but we could never get the back of the envelope math to work out to the point where we could pay the contributors anything compelling (e.g., enough to offset their power cost).I guess you can get a few people to sign-up for fun, but we could never come up with a reason other than serendipity that would make people donate their CPU time for us to resell. I'll be interested to see how/if they respond to this challenge, or if there's something I'm not seeing that makes this point moot.
 Maybe turn it into a raffle? Every month a random VM host gets a huge prize (all the money that would have been distributed)?If the service was really successful you could be giving out n * \$100k prizes every month. Just treat it like the (much cheaper) server hosting bill.
 They'd have to download your custom image, probably hundred of megabytes or gigabytes, each time upon starting new instance. This makes no sense on WAN. It’s much better for both contributors (less stuff to download) and clients (less time wasted waiting) to only download your application stack.It’s not EC2 alternative, this is a different kind of service.
 I think you miss my point. Currently (AFAIK) the provider/dom0 must download and run a windows executable. Many people have no windows hosts, but do have existing xen/kvm dom0s running. If grid spot provided their service as a xen/kvm client image I would be able to host it.There's no requirement for the host to download the client image multiple times. I'd imagine you have something like ephemeral domu disk and use kmods to provide a control plane and network tunnel.
 > Many people have no windows hosts, but do have existing xen/kvm dom0s running. If grid spot provided their service as a xen/kvm client image I would be able to host it.They should provide their image instead of the binary. Theirs, rather than their clients. Got you know!But I don’t think their audience will have much use for it. Well it’s unlikely to be a priority, anyway.> Don't get suckered in to providing 1:1 IPv4 with your proxy model.BTW, he doesn’t. It’s all proxied through single IP on different ports. E.g. this is what I got:`` ssh gridspot_user@69.4.239.76 -p 25502``
 This is brilliant...I am glad someone finally ran with it. I wrote a blog post about this almost 2 years ago - http://marcgayle.com/2010/01/08/a-legal-botnet-billion-dolla...There are many applications for this - including fighting DDOS attacks. There are still huge technical challenges with that particular application, but as I understand it...the only way to fight a DDOS is to a) get bigger guns, or b) lie down and take your raping.Having something like this, can (in theory) give you bigger guns.Do you guys pay the people who have idle resources?
 > including fighting DDOS attacksOr cheaply launching them. For a mere \$100 you get 100,000 machines for an hour, that's more than enough to cause problems for a sad number of websites out there. Edit: Or not, given that all traffic goes through a centralized node.
 Yeh....was about to say that I doubt that given the architecture. The difference is that there is a for-profit company that controls the nodes, so I doubt they would allow that. Completely different than a real botnet where the botnet owner controls everything.
 Something else just occurred to me....by not paying users to get axs to their computers, it removes the business model headache of squabbling over revenue and violating ISP TOS. I believe it is against most TOS for most (if not all) ISPs for a consumer to resell their inet axs.That was another consideration that I looked at two years ago - which makes the model not as attractive. Although, I imagine that the holy grail is actually reaching a place where users are making money from their inet connection - I am sure that will drive adoption at an increasing rate.
 "While we allow Internet traffic from software doing compuations on our platform, it is all proxied seamlessly through a small set of computers operated by Gridspot."Seems that that small set of computers and IP addresses could be used to do the ill deeds of a bad actor."Run anything""Get SSH root access to each Linux instance."So exactly what is to prevent someone from spamming here and how would gridspot even know that was happening? To mention only one possibility.
 Based on my understanding, there's a tightly-locked down outbound firewall: you only get HTTP,HTTPS and SSH ports. So sending mail over SMTP (spamming) can't happen.If someone is doing something evil over e.g. HTTP, presumably GridSpot can also block that and/or ban them from the system.If you're sending spam over e.g. Gmail via HTTPS, Gmail will shut you down.The people running the nodes don't need to worry about e.g. someone downloading illegal content and getting them in trouble, because it is proxied through GridSpot.I think it's a clever solution.
 It is obviously a VM, so the virtual network interface that you get will be proxified. The fun thing will be to see if someone can do some VM escaping and own 100k machines for free.
 If VMs are running on hardware Gridspot doesn't control, and if the filesystem isn't encrypted, how is my data secured?At \$0.002 per hour I'm actually OK with zero security, but it will limit the types of jobs that I'll use Gridspot for.
 This is explicitly part of their pitch to users. From TFA:> Gridspot is perfect for jobs that:> • ...> • Aren't privacy sensitive
 If the data is not confidential, but you’re worried about someone messing with your computations, it still might be worthwhile to use defensive strategy and just run the same task multiple times on separate instances and compare results before accepting output. Since the task can be scheduled in parallel, there’s no significant overhead and it’s still way cheaper than Amazon/Google.It’s not exactly replacement for EC2, but there’s a lot of applications that would fit Gridspot just fine.But I guess one has to be much more aware of all the security issues when writing for a platform like this. The Gridspot folks should perhaps consider creating solid list of best-practice guidelines.Now can someone also create Gridspot for storage? :)
 Same here. It would be great to get end-to-end encryption, but I don't think that this is currently practical.Some recent research [1] has shown that it's theoretically possible to delegate the ability to process your data, without giving away access to it. But from what I remember, in practice the computation becomes orders of magnitude slower than on the unencrypted counterpart.
 Yay, trying http://en.wikipedia.org/wiki/Popular_Power again.
 Can't someone create market-exchange type service, where price is set by supply and demand. People get paid for idle compute time, and other people buy it.The price will go As high it needs to, for suppliers to think it's worth while.It would interesting to see what the resting price is. I.e what suppliers think is worth while. It will probably be at max slightly higher than amazon, because people will do arbitrage with amazon.
 Ironic how the website is down for me.
 In the bigger picture, there are a whole lot of interesting things that would need to be built to allow for non-batch processing on a cloud like this... a smart web proxy / front-end that could cope when your instances go down being #1 on the list.
 It was slow but it appeared at last after 5 tries.
 yes the website is down for me too
 As a demonstration of their capabilities, I'm underwhelmed.
 I think it's a demonstration of how popular the post is, not their capabilities.
 Ha! Well said!
 So we're supposed to trust these people with our data?
 No, it says it right on the page. It's for non-privacy-sensitive applications.
 Presumably you are using the results of the distributed system's work for something. Can you trust those results from people who can't keep a web server alive?
 I'm not sure what you mean by "can't keep a web server alive" but I think the answer to your question is to run your computations on multiple instances at once to validate your results.
 Give them some break. Probably they are still building it. Frequently people post to HN before things are ready so that friends can review it and post feedback.
 Why the hatred ?
 My immediate response was "surely this is less than the cost of the electricity to run the CPUs" but it turns out it's equal to the marginal cost of heating a room with CPUs relative to conventional heating (natural gas or electricity) -- which is pretty genius.In the long run you would expect this would drive up the bidding for idle CPU time, meaning that having a couple of idle computers in your house would generate you a small amount of positive revenue, in much the same way that contributing electricity back to the grid using solar cells could. Of course, most people have no use for solar cells (which are expensive), whereas a lot of us have use for local CPU.
 They're not the first to do this: http://www.isgtw.org/spotlight/greenest-volunteer-grid-them-...
 It'd be really sweet if they offered VMs with a video card as well... for science.
 you mean like 'bitcoin mining science' ;)
 How do they handle security? If the software they're using to virtualize these instances is exploitable, then you could break into the host machine and do whatever you like with it.
 I agree, theres a level of trust when you use hosting providers like Amazon and heroku. With this, there's no way i'd do anything remotely sensitive with one of these boxes.
 There's a typo on https://gridspot.com/gridspot_safesecond to last word of the first section. Electricity.
 What happens when the contributor abruptly cuts out?
 Same thing as with Spot Instances on Amazon. Save your work often, reschedule eagerly.
 Yes but Amazon operates out of a datacenter that will /strive/ to be online for all but a few minutes of each year. Transient machines spread over the internet on home or office PC's /do not/ have the same operational parameter.At this point I'm somewhat unsure of their actual business model. Are they reselling VPS instances from real providers or are they sourcing computational power from home/office PC's? This seems entirely unclear based on the reactions of this thread and the mostly ambiguous stuff written on their website.If they are sourcing computational power SETI@home style my question remains, and I encourage it to be upvoted and answered on such a technically competent site such as this. Marketing hype is cool, but I'm still an engineer when it comes to making choices.
 > Yes but Amazon operates out of a datacenter that will /strive/ to be online for all but a few minutes of each year.Spot instances can be killed any time if your bid is too low. This will, of course, happen less often at Amazon, but the principle is the same. You must also be significantly more proactive about unreliable performance and poor security. But this may be worth it sometimes.> At this point I'm somewhat unsure of their actual business model. Are they reselling VPS instances from real providers or are they sourcing computational power from home/office PC's?They’re computational power scavengers :) Seems to be desktop PCs for now. Maybe in the future it would also make sense to also utilise smartphones plugged into a charger? I hope they will be successful, because unreliable and cheap computational power is a pretty cool resource, despite all of its shortcomings.
 I'm also curious, what happens if all your host contributors decided to stop?
 Have fallback to EC2 if GridSpot can’t provide capacity you need at the moment. The same is true for any other cloud service, actually. E.g. Amazon was having problems issuing new instances in some regions following the most recent power outage. In theory you should try falling back to other regions/other clouds. It remains to be seen how much of a problem this will be in practice.
 There is a typo on the 'Gridspot Safe' page.Network proxying While we allow Internet traffic from software doing compuations on our platform,Should be 'computations'.
 Is it possible for someone to lend the idle time of their VPS / dedicated web Servers in return for cash ? People could run their websites without issue as most of the time, they may not be using it to full capacity. And you will get better connection (better than DSL speed) and better performance machines (server grade). Could be a win win for everyone.
 I bet web hosts would put in a clause that won't allow you to sublet in this manner.
 Why would people contribute? You're basically profiting off donated energy. I doubt that's a sustainable model.
 This reminds me of http://www.pluraprocessing.com/
 One thing I'd like to hear is whether this is opt-in or -out and whether it's client or server side.
 So, the only payment option is via credit-card.. And if you have no credit card what then? Am I S.O.L?
 How do you pay for everything else online? Do you mail Amazon checks or something?
 I use pay-pal or debit card, if I actually buy something online. Credit-card culture isn't so great where I live, and I personally don't have one - hence the question.
 AFAIK, credit cards are just debit cards using credit instead of balance. You need to have CVV2 for online processing, that’s it.
 Seriously? A down-vote because I ask a question about payment options? Unbelievable.
 We're about to launch a service that allows comparison of benchmarks from cloud providers (UnixBench/IO & BW), would love to run it on your plans to compare against Amazon etc.
 They’re not EC2 alternative. Benchmarking GridSpot makes absolutely no sense.
 I can't believe anyone would install their software without having any idea who this guy is.
 This is incredible and the pricing could be a game-changer for distributed compute
 The applications are very limited, but it’s nevertheless incredibly awesome for a particular niche.
 Maybe they are just renting out a botnet while it's not used for spam?
 What kind of tools are on the VM ? Do I get gcc and some python installation, for example ?I would imagine that I would have to reinstall my tools whenever a new instance starts.
 It seems to be vanilla Ubuntu 11.10 server. And yes, you’d use something like puppet[1].
 Your customer service phone number is returning busy.
 So this is where the bot nets computing power go?!
 Will you be charged for pre-credit card instances after you add a card? Also, it's very unclear as to how you end a running instance.
 Yes, though I suppose you could just create another account. : )You can stop a running instance by shutting down the OS. If it's something people really want we can add an API/UI mechanism to do it.
 Huh, I did sudo shutdown now and it worked, but the gui says it's still running. So a button might be nice.
 I've also tried 'sudo shutdown now' and while it did shut down the OS, the site says they are still running and the times are still increasing. How will I know when they've actually stopped? Also +1 for an API to end instances, please.
 Can somebody explain to me how this works? Gridspot doesn't use a server farm like Amazon? I don't get it.Looks like a pretty sweet service though.
 If I understand it right, the 'cloud' VM you get is running whole or in part on desktop user's machines out there somewhere in the world (and connected to the internet) who have donated their machine's spare CPU power to GridSpot.
 Are you guys using EC2 like Engineyard?Edit: I just checked the ip 107.20.186.94, and it does look like it's hosted on Amazon.
 As an incentive for the nodes you could increase the price a bit and give back CPUtime credits to the nodes.
 What about the node-owner being able to look inside your box and see what you are doing?
 This would be more cool if the portion of profits went to those who contributed cycles.
 Wouldn't work. As soon as you move the incentive to the world of financial norms people start wondering why they are bothering for a couple bucks a year.They will get more people doing it to be part of a community if they can keep that community seeming "cool" in some way.
 Exactly low pay (generally) provides more of a disincentive than no pay. OTOH if you say "we will donate to charity \$x" that might work.
 Or at least purchase carbon offsets...
 It does work, and it's being done: www.charityengine.com
 They could use few of those cheap instances to run their web site, its so slow.
 So, how would one contribute to this?
 so this is basically BOINC but also allows for-profit/non-research companies to tap its resources
 It doesn't look like that at all.
 Windows only for contributions? That seems weird, given that jobs are running within a VM.
 Boom goes the dynamite.
 Is this related to last year's node knockout entry for a distributed chess AI?
 As someone that's done some work on parallel chess, I don't see how this could have anything to do with the subject.
 I work in the field too. These are exactly my thoughts on the matter, and I'm sorely disappointed with the comments in this thread hinting as such so far.

Search: