GeekNights Monday - Containers


Okay, but you’re making Windows Java development seem a lot more difficult than *nix, which I wouldn’t say is the case. About the only difference between Windows and *nix is the fact that you don’t need to download an editor on *nix because you have vi, but not everyone is a *nix hipster who thinks that an editor from the 1970s with a UI designed to work on a terminal without arrow keys over a 300 baud connection is the end-all, be-all of programmer productivity. And yes, I used to be one of them. Then I grew up (or got older – get off my lawn!) and started trying out other editors that I found made me much more productive out of the box without having to figure out how to download and install a bajillion different vim scripts to give me equivalent functionality and had a modern user interface.

Don’t get me wrong, anyone using *nix needs at least basic proficiency in vi due to its ubiquity. If you were really badass, you’d also learn ed as an editor of last resort. Even now, I use vim for small jobs because it’s relatively light-weight compared to the editors I prefer. And if it works for you, I’m not going to tell you to switch to something else either. I’m definitely in the “use whatever editor works best for you” camp. However, I’m speaking from years of experience as a C/C++/Linux/*nix developer and user myself here (sorry Rym, while I’m probably the kind of developer you’re looking for, I’m happy at my current job and don’t particularly want to move to NYC right now).

Going back to the original statement, I have encountered the odd Java issue on *nix that also required mucking with environment variables, so it’s not a Windows-only issue. It’s just the nature of Java itself.


Trying to wrap my head around the differences between Docker and application virtualization technologies like VMWare ThinApp. It seems to me that ThinApp wraps the whole application up, along with all the necessary DLLs and OS components, into one executable that is a scaled down version of a VM. On the other hand, Docker and containers wrap all of the services and execution environment stuff, but don’t deal with the actual application at all. Container sets up the environment, and it’s “bring your own app.” Is this a fair comparison?


I didn’t encounter anyone who knew more about computers than me until I went to nerdy summer camp. That was only for four weeks of my life. I wouldn’t meet anyone who knew more than me again until RIT. There was barely an Internet, and there was definitely no Stack Overflow. How the hell did I learn this stuff?

Privileged enough to have money to buy computers. Lucky enough to go to a school district that had Apple// computers in every classroom and labs in every school. Lucky enough to have people encourage me to learn about computers. I had access to some books, and the literacy to read them. Yet, none of those things automatically result in learning. None of the other students learned as much as me.

I learned because I had curiosity and desire, so I futzed around with computers and figured it out. Every second someone would let me use a computer, I used it. had to tear me away. I did this a lot, and for over a decade. Especially from the ages of 12-18 I futzed for hours and hours every single day of my life. I experimented and tried things. Like taking a clock apart and putting it back together repeatedly, and then becoming a clockmaker. No apprenticeship necessary.

What was really significant was the luck of the time I was born. Computers were available, accessible, but still a huge pain in the ass. I wanted to play Mechwarrior 2, I had to learn about RAM. Boot disks. .bat scripts. DOS. I had to learn to upgrade the RAM in my PC. I wanted to play a MUD, I had to learn about TCP, telnet, ports. I wanted to download and play MP3s I had to learn about libraries, codecs, P2P networking. I had to connect to the Internet via modem, or play C&C Red Alert against friends, and had to learn some ATST phone crap. I wanted to make a web site on Geocities, I had to learn HTML. CSS didn’t exist yet, and JavaScript was still evil. I had to learn image editing, the difference between a gif and jpg and a png. I wanted to run Linux, I had to learn about file systems, storage, partitions, master boot records, etc. Hell, the fact that I even knew what Linux was and used it before the year 2000 put me way way ahead of the game.

And so on and so on and so on. Being born at this time put me in an environment where simply having a computer and having a strong desire and curiosity to use it automatically resulted in education. And again, I learned this way over the course of many many years.

Now you have an army of professionals who all learned this same way as I did. Of course we suck at teaching anyone else! We scoff and tell people to learn how we did, as if that is still a viable option. First of all, nobody has years to spend learning. If you want to make an app, you don’t have ten years. Apps probably won’t even exist by then! You want to get shit done now. But mostly, computers aren’t so crappy as to make learning easy.

If you’re a kid, your computing devices have so many layers of abstraction between the UI and the inner workings, and these abstractions actually work. You never have to learn anything about how the computer works. Yeah, you have to be a programmer to make a game, but imagine if you still had to be a programmer to play one like it’s 1985!

We have come a long way, and that is a fantastic thing. This was the goal that we were working towards, and we achieved it. We have made computers accessible to everyone in our society. The smart phone is actually in every pocket! It’s real! We did it! We used to imagine the flying car and the pocket/watch computer, and half of that actually came true!

The problem is we have not done nearly enough to update technology education for this world that is not even that new anymore. We need a new model of technology education, and I don’t know what that looks like.

The only hint I have seen is when I look at the speedrunning community. Some of them, especially those involved with TASs, Their goal is to finish video games as quickly as possible. The only way they can do this is by learning how old video game consoles work on the lowest levels.

Just like I HAD to learn about computers just in order to play games, we need to create some sort of scenario where people NEED to learn about low level computing concepts in order to achieve their actual goals. People will never go even one abstraction layer lower than necessary to achieve their goals.

If I had been born today, I would very likely not have become a technology professional.


Containers aren’t wrappers. They only look like wrappers from a user interface perspective. A process running in a container is no different than any process running on your PC. You aren’t loading another kernel into RAM. You have the one Linux Kernel, and that’s it. No virtualization, no nothing. It just uses some Kernel APIs to specify that some processes have a smaller view of the world than others. They can’t see the whole file system, they can’t access all the RAM, they can’t demand more than X CPU resources. etc.

I don’t know enough about how VMWare ThinApp works, and the Wikipedia seems to suggest it is indeed doing some sort of virtualization. I’m not sure if it is virtualizing the OS and the hardware like an actual VM, or if it is just virtualizing some parts of the OS like Windows Registry and some drivers and libraries.


VMWare ThinApp a Window version of containerization, sometimes called (confusingly, by Microsoft) “application virtualization”.

Virtualization versus Containerization

With a VM, an entire machine is being virtualized: cpu, disk, network interfaces, display, etc. On top of that, you’re going to add a (possibly minimized) OS. Then you add your application’s dependencies and finally your application.

With Linux containerization a la Docker, there’s no VM. The docker host creates a minimal Linux environment: filesystem, network. The container includes a minimized Linux OS, your application dependencies, and your application. Most importantly, your application shares the Linux kernel with the host, and your container’s processes are effectively processes running on the host albeit within the container’s environment.

With a VM, you’re running whatever OS you want at the cost of having to virtualize the cpu, disk, display, etc. With containers, you’re running a Linux subsystem (possibly a different Linux distribution) on your existing Linux kernel. You’re not virtualizing a cpu; the kernel mediates access to that. You’re not virtualizing a disk; the kernel basically made a subdirectory that represents the rool filesystem for your container. It’s a lot less of a context switch and less work for the host to run a container than a VM. The main tradeoff you get from a VM is you can run any OS (doesn’t have to be Linux) and security (better isolation from the host).

As an aside, you can run Docker on Windows or macOS. In this case, you’re getting both a VM and containers: the host OS makes a minimal Linux VM, and its Linux kernel does the Docker containerization.


I don’t disagree with you at all there. In fact, my experience roughly corresponds with yours (except for computer education in school – I had none), with perhaps a handful of more technological challenges due to being a few years older than you.

I pretty much experienced every challenge you experienced there. I remember setting up my first Linux partition, Slackware 3.0, back in 1995 or so. I remember having to download the latest kernel source, manually patch the Ethernet driver, and then build and install that kernel because it was the only way to get my Ethernet card to work under Linux.

I remember, back in the day, when you turned on a computer it would automatically go into BASIC if you didn’t have any boot disks in the drives. Just flip the switch and boom, instant programming environment. Even on PCs, which didn’t boot into BASIC, getting it to run was as simple as (if you didn’t have a hard drive) inserting the correct floppy into the drive and typing gwbasic or basica, depending on whether you were running on a genuine IBM PC or a clone (and there was a big, thick manual in the box that points out that it is in there, so it wasn’t really hidden). I spent many an hour playing around with BASIC, sometimes even writing simple programs to help me with my homework.

Kids these days do have it easy when it comes to day to day use. However, they don’t learn as much as we did. It’s not even as easy to learn programming as you longer have an easy-to-use programming environment pre-installed on most computers. JavaScript is about the only universal language, but it’s not the best language to learn with and you need to deal with getting an editor going, learning enough HTML to test it in your browser, and then loading your HTML/js file into said browser. Linux and Mac at least come with Python pre-installed (usually), but it’s not front-and-center like BASIC was on the older machines. You need to actually go looking for it to use it, and you still need to deal with getting an editor set up.


This right here, everything you and Scott just said is why I advocate for using linux as your day to day operating system. Preferably like a server version like CentOS rather than a more user friendly Ubuntu or Fedora. Not because it’s somehow “better” not because I wanna be cool or because I wanna stop The Man from spying on me or any of that malarkey, just to force yourself to learn, really learn, even in some small fraction of the way you could in the 90s how to use your computer. Recapture that curiosity and frustration.

It’s not the same, it’s not even close, but it’s a mile ahead of using windows, where literally everything is abstracted away.


Given what you know now, is there a resource that would have helped you? Or is learning the right magic words the right way to go about it?

Database, OO, and web servers are three separate things that sometimes go together. And there are a few approaches that combine them all for you…


I don’t know. It’s a strange request, of course. It just comes down to the mode of thinking in these tutorials, help files, documentation, etc. Like, everyone who is reading this already knows everything about all areas of programming/development/IT/server management/command line stuff/etc… except for the specific thing or answer they are now looking for.

Not only that I already knew all that, but that I would understand implicitly that I would have to know all of that already, or else it was pointless trying to find or implement the answer they provide.

I think the best resource would be a form of “knowledge dependencies” for each kind of technology or solution, and listing these up front. And this should be extensive, and not assume everyone will of course already known that knowledge is a given.

So if the guide to setting something up assumes someone can use vim to remotely edit files, declare that up front, because there is a chance that this is the first time a person reading the guide has ever known that was a thing you could do. I mean, there has to be a first time for everything, right? And if that’s mentioned for the first time in step eight of a ten step process, and completely grinds the entire thing to a halt while the person works out how to use vim for the first time ever, it just becomes the most frustrating experience in the world ever.

Especially because they then realize, after banging their head against the wall for an hour, that the file that needs editing can be accessed with an ftp program using a GUI, and the file can be edited in a normal editor, and just reuploaded to the same place? That’s a way to accomplish the same step in literally 30 seconds compared to 55 minutes.

If this seems like a weirdly specific example, you’ve probably guessed it’s a real one from my own life.

To this day I’ve never managed to get vim to work in a way I feel even remotely confident I’ve not fucked it up, but ALSO I’ve never had the need to use it once I worked out I can just modify files and upload them.

All the guides just default to telling me to use vim, assuming that is the only way anyone would ever even think about doing it.

But really what they mean is “there’s a text file on another computer/server that needs editing or updating”. Sometimes the server is on my own computer, and sometimes the way I feel comfortable doing the same job is with a GUI program like a normal human being.

Multiply this experience, repeating over, say, a dozen times a year for the last six or seven years, and all it does is make me not want to learn new technologies with website development and programming, because while I love making things and problem solving, the least enjoyable part of that is working with the mindset of the people making or sharing the tools to do the job.

Once I know the time spent being made to feel like an idiot by people who happen to know more magic words than me will outpace the time spent actually coding, I just don’t bother anymore. It’s not fun, and I’d rather my website stay slow/crash/insecure than put myself through it.


It’s a hard problem. Dirty secret: even those of us who’ve been doing it for decades don’t know what half the fiddly bits mean, are looking things up every time we use them, can’t remember which X does Y, …

This is tough to know ahead of time. You have to assume some level of knowledge in the reader. What if a person doesn’t know how to install things on their Linux distro? How to ssh into the box in the first place? You have to draw a line somewhere.

Sounds like a job for recursive recipes.


This is totally easier and I did this exact thing (still do tbh) for a long time and it was completely fine until one day it wasn’t. To make a long story short, when I edited a file in notepad++, and in so doing, by the act of saving the file in that GUI I changed the line endings and a few other things to be windows-y and not linux-y.

Most of the time that doesn’t matter but this time that mattered as the file was like… being read by a thing and having those line endings be wrong made the entire thing crash.

This actually goes to a point I was making earlier about, how you learn basically exactly as much as you have to. For while, not using vim was fine and acceptable, right up until it wasn’t, then I bit the bullet and like, pulled up the vim cheat sheet, fucked it up, got frustrated and eventually moved past it, and now I’m incredibly comfortable in it.

My point is, most people (and honestly, I guess, by that I mean me) don’t learn until they have to.


AMEN. Java got a whole lot easier when I got away from the dogmatic crowd.

I agree. I grew up with computers, like siblings. If you want that kind of experience now, it’s more like working on a classic car. (I’m guessing. I don’t do much with cars except sit in them and wish product designers would innovate more.)

At one point in my Linux learning, I had to do that to get my wifi adapter to work. And then, since I didn’t know anything about patches, or diffs, or none of that, I had to do it every time I updated. RIP

This is how I had to learn vim. Some heartless person told me to in a guide – mind you I was mostly used to double click world – and then I was trapped and all the paradigms were wrong. It was like a non-consensual puzzle room.

But I learned about BIOS completely differently. My parents changed the dialup password as punishment, so I figured out how to lock them out of the entire computer as leverage. I didn’t have to be a little shit.

Something that really helped with linux was when someone told me about man and apropos, because google (or hey altavista) didn’t exist yet.


Running code written by randos not safe, more at 11.


And this is the core of my problem. The line is always “this person already knows all these other things… but not the one thing they are trying to find out.”

Another example is right there. Installing things. I spent two days trying to work with various package managers that use package managers to work with package managers to install other packages that help with managing packages. All of the instructions assumed I already knew all of what I was trying to do, not just what I wanted as a result. It turned out I’d installed PIP on the very first day of starting the big new project, except this happened when I copied and pasted a line of inscrutable text into the terminal on step five of seventeen. But because I already had “used PIP” once before, they assumed I knew all the magic words. How was I meant to know all the magic words when the time I used it before was a mindless copy and paste six months earlier?

I know the answer is going to be “Fuck You” because it always is. I get that now. That’s why I’m not enthusiastic about learning new things any more.


You can only know about the existence of magic words once you know they exist. It’s not like repairing a car, where you can point and wonder “What does this thing do, and to find out I should probably look up what it is called.”


This practice of documentation writers of providing complete commands that can be copy-pasted, and then telling users to copy-paste them, is a plague upon the earth.

If you are just giving the user the commands to execute in order, they are learning absolutely nothing. Yes, maybe your software is good enough that everything will work, but you have still failed in the goal to have the user learn to use your software. Their computer may be better off with the software running, but the user’s brain is still where it started before they read the documentation. The only thing the user learned is ctrl+c ctrl+v, which they probably already knew.

When I write documentation I try my best to avoid providing anything to copy/paste. When I do I will put it in such a way that the user has to copy, edit, then paste. For example documentation will tell a user to copy paste this:

curl | python

Wheras I will provide users with this

curl <URL OF THE SCRIPT> | python

This forces the person reading the documentation to edit the command and help them to understand what is happening. Copying and pasting will result in an error.

Another thing I do is I always include a paragraph next to each code block that fully explains it. I never tell anyone to copy/paste.

The thing is, even when I write documentation this way, users (including fellow software engineers at work who get paid) will proceed to scan the document, copy/paste all the code blocks, and not read my paragraphs of text. Half the blame for this should be laid on the bad documentation that trained them to copy paste, but also they must take responsibility for not reading 100% of the words that I wrote.

How do I know people do this? Because they come to me complaining that they copy/pasted the commands and got an error. If they had actually read the document they would know they have to edit the command before pasting.

My advice to anyone out there reading documentation is to NEVER copy/paste anything ever. If you are going to copy/paste something, a block of code or a command into your terminal, then you had better fully understand it before you press enter. If you can not fully understand and explain that code to another person, you have no business pressing enter. If the people who wrote the documentation did not do their job and provide an explanation, that’s a big fail on them. Still, it is still possible to gain an understanding of the code by doing further research.

One more pet peeve I have, that is a particular plague in Python documentation, is that people leave off the import statements. You’ll see some example code like this:

result = newfunction("hello")

Excuse me? Where the hell does newfunction come from? THIS is how that should have been written.

from coollibrary import newfunction

result = newfunction(<YOUR STRING GOES HERE>)

How the hell am I supposed to magically know where to import it from? Also, now it can’t be blindly copy/pasted.


Wow a Tech thread that is actually useful for me, I’ve been trying to use Docker to host a Xibo virtual signage system. Yayyyy.


I’ve been thinking about using Docker to consolidate a bunch RHEL/CentOS VMs in our project lab. I may just learn cgroups and namespaces and run it myself though.


In this video he makes containers without actually using Docker, live on stage.


Don’t get me wrong, I agree with you.

That is what apropos is about, though. When I barely knew anything, I would just apropos a thesaurus of words tangentially related to what I was trying, hoping, wondering if I could do. And then I’d read the docs for all the magic words that came up. It was tedious, and time consuming. And when apropos wasn’t already installed, I was SOL until I finally figured out package managers. I’m lucky because my personality suits this approach, but not everyone has that time / interest / personality to grind XP like that.

Learning alone can mean reinventing the wheel before learning how to drive. That’s why I’ve been involved in teaching. Having a personal touch to learning technology makes clearing those obstacles so much simpler, and lets people get to the fun stuff.