Originally posted by flower
View Post
Announcement
Collapse
No announcement yet.
Linux 5.4 Kernel Released With exFAT Support, Faster Radeon Graphics, New Hardware
Collapse
X
-
Originally posted by flower View Post
Docker sucks
I don't want this crap on my machines
For me recently, I'm using keycloak and integrating it with services like Discourse, Grafana, a wiki, and so forth with a reverse proxy. Works well for that sort of thing. Some projects are a bunch of dependencies and setup to get going, even if you have some of it available as system packages, you can still run into issues, Docker again does well there, or k8s if you need to orchestrate containers across multiple servers in an intelligent automated manner.
Comment
-
Originally posted by polarathene View Post
What's wrong with it? I use it all the time. Is there an equivalent to DockerHub for your preferred alternative? If you don't leverage a community or the features of Docker, and just want isolation for packages from distros or whatever, sure, docker probably isn't for you.
For me recently, I'm using keycloak and integrating it with services like Discourse, Grafana, a wiki, and so forth with a reverse proxy. Works well for that sort of thing. Some projects are a bunch of dependencies and setup to get going, even if you have some of it available as system packages, you can still run into issues, Docker again does well there, or k8s if you need to orchestrate containers across multiple servers in an intelligent automated manner.
1) i dont like the concept of a centralized storage for system images by anons. seems to risky to me. yes, i can make my own images - but why should i use docker then?
2) my service manager is systemd and not docker. docker lacks integration - things like dependency management, auto start/restart, socket activation (AFAIK it got better and at least it is able to log to journald)
3) imho they are just butthurt when it comes to pid0 and reaping zombies
4) too many overlays. i know why they use them and its pretty neat - but i cant do a simple mount command any more and see what is mounted. its just cluttered
what they really do well is volumes, updates and network management.
i have one docker-compose (nextcloud) inside a dedicated vm. if a vm ONLY does docker it is at least usable. and my vm is activated by systemd and monitored through cgroups.
as they use docker-compose and many net and volumes features i cant translate it to katacontainers easily and keep it updateable. but i guess/hope this could change as docker seems to have heavy financial problems and had to sell their orchestration part. maybe the nextcloud team will rethink their preferred deployment soonish
- Likes 1
Comment
-
Originally posted by flower View Post1) i dont like the concept of a centralized storage for system images by anons. seems to risky to me. yes, i can make my own images - but why should i use docker then?
I make my own images when I have configs to tweak for optimizations or specific to the project. It'd be pretty much the same as maintaining similar with ansible/salt or distro specific packages I guess? I like the portability that the containers afford me, I use alpine linux as a base so it's not like it's eating up much disk space. I like the clear separation from the host system tbh.
Originally posted by flower View Post2) my service manager is systemd and not docker. docker lacks integration - things like dependency management, auto start/restart, socket activation (AFAIK it got better and at least it is able to log to journald)
If it's not multiple processes in the container to manage, then Docker itself can manage most of that. You have restart policies and these can autostart on fresh boot, or restart if the process crashed, etc. Dependencies works with docker-compose, you can "depend_on" another container, probably not as good as systemd for this though since Docker isn't necessarily going to know for sure if a process is ready, just that it's running, I think you can improve that but it's a bit more effort.
I don't know about socket activation, I know that working with sockets for me has been fine, but I just mount them like a volume to share between containers to communicate.
Docker natively supports journald as a logging agent, otherwise use something like Vertex(rust based logging project, unrelated to docker) to grab logs and send them whereever.
Originally posted by flower View Post3) imho they are just butthurt when it comes to pid0 and reaping zombies
Originally posted by flower View Post4) too many overlays. i know why they use them and its pretty neat - but i cant do a simple mount command any more and see what is mounted. its just cluttered
Originally posted by flower View Posti have one docker-compose (nextcloud) inside a dedicated vm. if a vm ONLY does docker it is at least usable. and my vm is activated by systemd and monitored through cgroups.
I think the issue is more that Docker is quite accessible and as such many only go with the minimal/happy path, not bothering to learn or gain more awareness about Docker. Same reason things like Adobe Flash were more notably an issue and didn't have a good reputation if you primarily did that as a programmer, because of how low the barrier to entry was, you had lots producing content without concern about security or efficiency.
By all means, stick with avoiding Docker where it suites, whatever works for you is good. I could probably use VMs or some other container tech I guess, I just started with Docker years ago as it was easier due to the community/ecosystem, whereas now I'm comfortable taking a base image like Alpine and building the rest of a service on top without using others(that usually have some drawbacks for me to not use them).
Eventually I'll need to pick up something like kubernetes for orchestration/scaling, but for personal use, docker and docker-compose alone has been fine.
Comment
Comment