Linux 5.4 Kernel Released With exFAT Support, Faster Radeon Graphics, New Hardware


  • #11
    Originally posted by flower

    I plan to move my containers there. Primarily nextcloud which needs access to my host fs.

    I just want a small footprint.
    Use Docker?


    • #12
      Originally posted by polarathene

      Use Docker?
      Docker sucks
      I don't want this crap on my machines


      • #13
        Originally posted by flower

        Docker sucks
        I don't want this crap on my machines
        What's wrong with it? I use it all the time. Is there an equivalent to DockerHub for your preferred alternative? If you don't leverage a community or the features of Docker, and just want isolation for packages from distros or whatever, sure, docker probably isn't for you.

        For me recently, I'm using keycloak and integrating it with services like Discourse, Grafana, a wiki, and so forth with a reverse proxy. Works well for that sort of thing. Some projects are a bunch of dependencies and setup to get going, even if you have some of it available as system packages, you can still run into issues, Docker again does well there, or k8s if you need to orchestrate containers across multiple servers in an intelligent automated manner.


        • #14
          Originally posted by polarathene

          What's wrong with it? I use it all the time. Is there an equivalent to DockerHub for your preferred alternative? If you don't leverage a community or the features of Docker, and just want isolation for packages from distros or whatever, sure, docker probably isn't for you.

          For me recently, I'm using keycloak and integrating it with services like Discourse, Grafana, a wiki, and so forth with a reverse proxy. Works well for that sort of thing. Some projects are a bunch of dependencies and setup to get going, even if you have some of it available as system packages, you can still run into issues, Docker again does well there, or k8s if you need to orchestrate containers across multiple servers in an intelligent automated manner.
          multiple things

          1) i don't like the concept of a centralized storage for system images by anons. seems too risky to me. yes, i can make my own images - but why should i use docker then?
          2) my service manager is systemd and not docker. docker lacks integration - things like dependency management, auto start/restart, socket activation (AFAIK it got better and at least it is able to log to journald)
          3) imho they are just butthurt when it comes to pid0 and reaping zombies
          4) too many overlays. i know why they use them and it's pretty neat - but i can't do a simple mount command any more and see what is mounted. it's just cluttered

          what they really do well is volumes, updates and network management.

          i have one docker-compose (nextcloud) inside a dedicated vm. if a vm ONLY does docker it is at least usable. and my vm is activated by systemd and monitored through cgroups.
          as they use docker-compose and many net and volumes features i can't translate it to katacontainers easily and keep it updateable. but i guess/hope this could change as docker seems to have heavy financial problems and had to sell their orchestration part. maybe the nextcloud team will rethink their preferred deployment soonish


          • #15
            Originally posted by flower
            1) i don't like the concept of a centralized storage for system images by anons. seems too risky to me. yes, i can make my own images - but why should i use docker then?
            There are official images that can be trusted just like local packages, in that sense it's not too different from a package manager with your main repo and a community one like AUR. You can also set up/host your own registry similar to hosting your own repo of packages if you don't trust a community one like AUR.

            I make my own images when I have configs to tweak for optimizations or specific to the project. It'd be pretty much the same as maintaining similar with ansible/salt or distro specific packages I guess? I like the portability that the containers afford me, I use alpine linux as a base so it's not like it's eating up much disk space. I like the clear separation from the host system tbh.

            Originally posted by flower
            2) my service manager is systemd and not docker. docker lacks integration - things like dependency management, auto start/restart, socket activation (AFAIK it got better and at least it is able to log to journald)
            You can actually run systemd in docker, it's just not typically advised. s6 is a simpler alternative (compared to systemd, not necessarily to grasp/use) that's popular for docker, or for ease of use some go with supervisord if they need to manage multiple processes.

            If it's not multiple processes in the container to manage, then Docker itself can manage most of that. You have restart policies and these can autostart on fresh boot, or restart if the process crashed, etc. Dependencies work with docker-compose, you can "depend_on" another container, probably not as good as systemd for this though since Docker isn't necessarily going to know for sure if a process is ready, just that it's running, I think you can improve that but it's a bit more effort.

            I don't know about socket activation, I know that working with sockets for me has been fine, but I just mount them like a volume to share between containers to communicate.

            Docker natively supports journald as a logging agent, otherwise use something like Vertex (rust based logging project, unrelated to docker) to grab logs and send them wherever.

            Originally posted by flower
            3) imho they are just butthurt when it comes to pid0 and reaping zombies
            Use `--init` with `docker run`, I think it's `init: true` in docker-compose. This uses some dumb/basic init process they integrated a while ago as pid0 to avoid the zombie issue. It's often chained to supervisord (which I think no longer has the zombie reaping issue?), or a shell. If using s6 it shouldn't have an issue with zombies either, but it's again adding friction to a learning curve and many don't bother with it for simpler DIY images.

            Originally posted by flower
            4) too many overlays. i know why they use them and it's pretty neat - but i can't do a simple mount command any more and see what is mounted. it's just cluttered
            Eh? Change the storage driver? Use volume bind mounts (filesystem) instead of docker volume containers for storage. Network can be told to use host network (improves network performance but decreases security/isolation). If it's with the layers a docker image can have, then you can squash those all into one as well.

            Originally posted by flower
            i have one docker-compose (nextcloud) inside a dedicated vm. if a vm ONLY does docker it is at least usable. and my vm is activated by systemd and monitored through cgroups.
            Docker uses cgroups, it can also be activated/managed by systemd while managing its own containers itself.

            I think the issue is more that Docker is quite accessible and as such many only go with the minimal/happy path, not bothering to learn or gain more awareness about Docker. Same reason things like Adobe Flash were more notably an issue and didn't have a good reputation if you primarily did that as a programmer, because of how low the barrier to entry was, you had lots producing content without concern about security or efficiency.

            By all means, stick with avoiding Docker where it suits, whatever works for you is good. I could probably use VMs or some other container tech I guess, I just started with Docker years ago as it was easier due to the community/ecosystem, whereas now I'm comfortable taking a base image like Alpine and building the rest of a service on top without using others (that usually have some drawbacks for me to not use them).

            Eventually I'll need to pick up something like kubernetes for orchestration/scaling, but for personal use, docker and docker-compose alone has been fine.
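
As an added example that is not part of the thread or of any poster's setup: a Compose file that puts together the options mentioned in post #15 (the built-in init, restart policies, `depends_on` gated on a health check so that "ready" means more than "running", journald logging, bind mounts, and the default bridge network instead of host networking). The image tags, host paths, loopback port and secret file are assumptions.

```yaml
# Added example, not from the thread. Image tags, host paths and the
# secret file are assumptions; adjust them to your deployment.
services:
  db:
    image: postgres:16-alpine
    init: true                  # small init as the container's first process: reaps zombies
    restart: unless-stopped     # restart on crash and when the daemon/host comes back up
    environment:
      POSTGRES_DB: nextcloud
      POSTGRES_USER: nextcloud
      POSTGRES_PASSWORD_FILE: /run/secrets/db_password
    secrets: [db_password]
    volumes:
      - /srv/nextcloud/db:/var/lib/postgresql/data   # bind mount: a plain host directory
    healthcheck:                # readiness probe, not just "process exists"
      test: ["CMD-SHELL", "pg_isready -U nextcloud -d nextcloud"]
      interval: 10s
      timeout: 5s
      retries: 5
    logging:
      driver: journald          # query with: journalctl CONTAINER_NAME=<name>

  app:
    image: nextcloud:29-apache
    init: true
    restart: unless-stopped
    depends_on:
      db:
        condition: service_healthy   # start only after the db health check passes
    environment:
      POSTGRES_HOST: db
      POSTGRES_DB: nextcloud
      POSTGRES_USER: nextcloud
      POSTGRES_PASSWORD_FILE: /run/secrets/db_password
    secrets: [db_password]
    volumes:
      - /srv/nextcloud/html:/var/www/html
    ports:
      - "127.0.0.1:8080:80"     # loopback only; a reverse proxy on the host fronts it
    logging:
      driver: journald

secrets:
  db_password:
    file: ./db_password.txt     # constructed path; keep it out of version control
```

The `condition:` form of `depends_on` is part of the Compose Specification used by `docker compose` v2 and of the 2.1+ file format; the 3.x file format did not support it.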
