Docker - for when you don't want to know Linux

The new forum runs in Docker, and there’s no easy way around that.

https://www.docker.com/

Docker seems, with some initial play, to exist primarily to:

  1. Let people who don’t know anything about server administration run a server
  2. Let people who don’t know anything about software packaging distribute software
  3. Let people who develop on macs and aren’t capable of running real VMs run software

I’m both impressed with how simple it is to use and how dubious the need for it appears to be.

1 Like

People like simple, even software developers. My software dev lead keeps poking me to learn it so I can deploy it in our lab, but it I haven’t had to time to look at it yet.

All containers run with root permissions, and there’s no network bridging. They’re like the VM equivalent of a car with the hood welded shut.

2 Likes

All the newer development tools it seems are being created today are just shittier versions of tools that have already existed for a long time. They just require users to learn less new things. People would rather learn less and do more labor with shittier tools than learn a little bit and work some magic with the hole hawg.

Apparently it’s not very stable either. ~_^

Heh, it allows BBCode, I haven’t used that since I was in early highschool using Gaia Online.

I thought I turned off the BBCode and only allowed the Markdown? Maybe that was Flarum…

It was down because I was messing with SSL because somebody.

Nothing like a test:

[color=#FF0000]T[/color][color=#F2000C]h[/color][color=#E60018]i[/color][color=#DA0024]s[/color] [color=#C2003C]i[/color][color=#B60048]s[/color] [color=#9D0061]h[/color][color=#91006D]o[/color][color=#850079]w[/color] [color=#6D0091]y[/color][color=#61009D]o[/color][color=#5500A9]u[/color] [color=#3C00C2]t[/color][color=#3000CE]e[/color][color=#2400DA]s[/color][color=#1800E6]t[/color][color=#0C00F2].[/color]

Yep, you turned it off. Though it is worth noting when you make a new post, the text you type over in the text area is something like: Use markdown, BBCode or regular text, drag images to paste. Or something like that. Not a big deal just perhaps misleading if one of those doesn’t work.

1 Like

I just checked. I didn’t turn it off. There’s actually no setting for that. I turned it off in another forum I tried. I guess only some BBCodes work?

This merits more testing.

http://mylink.com
text
[large]text[/large]
[center]text[/center]

admin@somewhere.com

Worse still is the job market that ignores employee skills in Linux, VMs and remote administration yet demand being able to understand a specific technology like Docker.

Employers looking for employees with very specific knowledge on these closed systems versus knowing the generic underlying concepts is worrying and rather annoying. Employers are more interested in whether acronyms can be ticked off rather than the skills that underpin these technologies.

Employers are interested in which acronyms can be ticked because they don’t have the technological knowledge themselves. How else can an HR person tell if a tech person is qualified for a position? The same way they tell if anyone else is qualified. Do you know X? Yes, I know X.

To be able to tell if a person is qualified to do a tech job you would need an already qualified tech person to evaluate them. And this is why tech recruiters make bank.

Getting yourself and/or résumé past HR—preferably by engaging the people you’ll be directly working with—is a critical jobhunting skill.

Docker is extraordinary good at managing microservices. (Presumably, security is coming.) Once in the docker container, the service can (could) make a local user account and drop root privileges.

In particular, I use Docker to create consistent and isolated build and test environments.

For once I heartily agree with Scott’s crotchety old man negativity. I’ve been pointed by other people towards Docker a number of times for work stuff and have found better, simpler, more straightforward normal Linux solutions instead every time.

Docker is mostly nice for setting up some shit you just want to test against real quick but don’t give a shit about setting up permanently. However it’s pretty handy for distributed system deployment. Especially when you have people that aren’t very technically savvy doing some of these deployments for customers.

Docker also has one slight edge over VMs in that Docker containers are more light-weight than full-blown VMs. Of course, there are trade-offs to that as well. I attended a security conference last year and one of Docker’s big issues is that it really hasn’t been locked down from a security stand-point yet.

Also, Docker is just a bunch of wrappers around existing Linux functionality like cgroups and chroot jails and such. You could probably do everything Docker does manually if your really wanted to.

I’m incredibly confident that this functionality has been implemented before Docker existed.

Also what happens when Docker fails? Reboot and call your Docker specialist? Wouldn’t you want something incredibly secure and robust for a distributed system?

There is actually a similar collection of wrappers called LXContainers or something like that (I forget the exact name off the top of my head). Docker was the one that got all the hype and became popular, though.

You’re right that all this functionality was there before Docker existed. As I said, you could set things up manually if you wanted. Docker just wraps up a lot of the manual procedures in a nice command-line UI with packages, etc.

As for as what happens when Docker fails? What do you mean by “fail”? Docker is just a UI for setting up stuff that’s already built in to Linux for the most part, so if it fails, you could probably just go to the manual procedures to clean up the mess at worst. Now your Docker containers could fail, but that would be akin to an application failing and would be resolved using similar procedures. The only other real failures involve the Linux (or other operating system) under the covers failing, so you’re back to rebooting and calling a Linux expert, if needed.

Docker’s main security issue is that security between the containers isn’t yet as robust as it should be, so it’s possible to break out of one container to cause issues with other containers or the base operating system. As far as robustness, it’s probably about as robust as Linux itself is. It’s all done in user-space, after all.

Fair enough, I will have to write a site built around it to properly understand it, similar to how I learned NodeJS, it just sounded like this ephemeral thing that didn’t seem all that interesting till I tried it and could then understand the positives and negatives.