I just deleted 1,372 disks from Google cloud and 7 project spaces.
-
@Viss @arichtman @mttaggart That's how I have it deployed. All on prem with Jenkins and Rancher RKE2 k8s backends.
-
Taggart :donor: replied to Scott Williams 🐧
@vwbusguy @Viss @arichtman This conversation is quite the piece of evidence that you are the exception to the rule. Your knowledge is impressive, and rare. Certainly moreso than orchestrated container deployments. Y'all are both right.
-
@mttaggart @vwbusguy @arichtman this is just the 2024 version of
- there is a 'way to do it right'
- most people do not do it that way
- the thing is almost certainly being used when it doesnt need to be
- the folks deploying the thing in most cases are not familiar enough with it, or architecture in general to adequately harden it
-- or they just dont care to, usually because compliance
it used to be lamp, now its containers
-
Scott Williams 🐧 replied to Taggart :donor:
@mttaggart @Viss @arichtman We didn't even get into immutable Linux hosts yet, either
And to be clear, I also think Viss is right. Where we've disagreed here, I'm also agreeing with him at least somewhat.
-
@mttaggart @vwbusguy @arichtman i guess the tl;dr for me is:
"if you give people a giant red george jetson button that does a thing, then people will just instinctively mash that button without ever considering the consequences. and you end up with a bunch of output that the button masher wasnt expecting and doesnt know what to do with, which often times ends up as someone elses problem, who wont be happy with this arrangement"
-
@Viss @mttaggart @arichtman I think it often happens more like this:
-
@vwbusguy @mttaggart @arichtman nailed it. but now with k8s you can cloud scale that debt at warp factor 9
-
@vwbusguy @mttaggart @arichtman just like java was 'write once, exploit everywhere', now you can take "architectural and technical misconfigurations and lack of hardening and cloud scale it"
-
@Viss @vwbusguy @arichtman I really do think a giant piece of it, especially in the tech industry/startup space itself, is a decision-making process that assumes:
- Old == bad
- We will be the next 1M user unicorn and should build for that today.
-
Scott Williams 🐧 replied to Taggart :donor:
1. Containers are old. They're basically jails and Solaris had containers in the 1990s.
2. Getting this right is a tricky problem. Arguably one viable reason *to* use public cloud is that you don't expect to scale big soon, so the cost to do so could be relatively low in OpX dollars.
-
Scott Williams 🐧 replied to Scott Williams 🐧
@mttaggart @Viss @arichtman The "magic" about containers in either direction tends to go away once you realize that containers are just Linux processes. That's all they are - wrapped in cgroups namespaces and with link hijacking like a jail. That's why when you run `ps` on Linux you see the actual container process and not a hypervisor, etc. Requests and limits? That's CFS.
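An added illustration of the point in the post above, not code from any participant in the thread: the host can describe a container using only the per-process data the kernel exposes (namespace links, cgroup path, CFS quota). The PIDs, inode numbers and cgroup path are constructed samples, and the helper names are hypothetical.

```python
import re

# Constructed samples of what the host kernel exposes for two PIDs (not real captures).
# Keys mirror /proc/<pid>/ns/* symlink targets, /proc/<pid>/cgroup, and the cgroup's cpu.max.
SAMPLES = {
    1: {  # host init
        "ns": {"pid": "pid:[4026531836]", "mnt": "mnt:[4026531841]", "net": "net:[4026531840]"},
        "cgroup": "0::/init.scope\n",
        "cpu.max": "max 100000\n",
    },
    4242: {  # containerized process, listed by `ps` on the host like any other
        "ns": {"pid": "pid:[4026532570]", "mnt": "mnt:[4026532568]", "net": "net:[4026531840]"},
        "cgroup": "0::/kubepods.slice/kubepods-burstable.slice/cri-containerd-abc123.scope\n",
        "cpu.max": "50000 100000\n",
    },
}

def ns_inode(link):
    """Extract the namespace inode from a target such as 'pid:[4026531836]'."""
    m = re.fullmatch(r"\w+:\[(\d+)\]", link)
    if m is None:
        raise ValueError(f"not a namespace link: {link!r}")
    return int(m.group(1))

def cgroup_v2_path(text):
    """Return the unified-hierarchy path from /proc/<pid>/cgroup content ('0::<path>')."""
    for line in text.splitlines():
        hier, controllers, path = line.split(":", 2)
        if hier == "0" and controllers == "":
            return path
    return None

def cpu_limit(cpu_max):
    """cpu.max is '<quota> <period>' in microseconds; 'max' means no CFS quota."""
    quota, period = cpu_max.split()
    return None if quota == "max" else int(quota) / int(period)

def describe(pid, ref_pid=1, samples=SAMPLES):
    """Compare one process against a reference (host init) using only kernel-exposed data."""
    proc, ref = samples[pid], samples[ref_pid]
    shared = sorted(t for t, link in proc["ns"].items()
                    if ns_inode(link) == ns_inode(ref["ns"][t]))
    return {
        "cgroup": cgroup_v2_path(proc["cgroup"]),
        "cpu_limit_cores": cpu_limit(proc["cpu.max"]),
        "shared_with_host": shared,
        "isolated_from_host": sorted(set(proc["ns"]) - set(shared)),
    }

if __name__ == "__main__":
    print(describe(4242))
```

The constructed container sample shares the host's network namespace on purpose: a matching inode is exactly the kind of missing isolation a hardening review looks for.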
-
Taggart :donor: replied to Scott Williams 🐧
@vwbusguy @Viss @arichtman While the concept of containers is old, I think we can both agree that the "productization" of them is less so.
And as far as scale, I'm referring specifically to choosing a container orchestrator as the deployment target from day one.
-
Scott Williams 🐧 replied to Taggart :donor:
@mttaggart @Viss @arichtman Nope - Solaris did it first and *very* commercially.
Solaris Containers
With Oracle Solaris Containers you can maintain the one-application-per-server deployment model while simultaneously sharing hardware resources.
(www.oracle.com)
-
Taggart :donor: replied to Scott Williams 🐧
@vwbusguy @Viss @arichtman Fair enough. To what do you attribute the rise of Docker?
-
@mttaggart @vwbusguy @arichtman im gonna vote 'entirely 100% hype'. because thats what i saw in the infosec space. lots of people with little to no technical acumen suddenly going 500% in on docker and self-labeling themselves experts in it, while at the same time having little to no actual experience at the linux command line
-
Scott Williams 🐧 replied to Taggart :donor:
@mttaggart @Viss @arichtman Ripe timing with the advent of nodejs making stateless applications more mainstream plus complete lack of a coherent business model that meant others managed to productize Docker before Docker itself could figure out how to do it.
-
@Viss @mttaggart @arichtman That's also true. Much in the same way all the junior devs are putting AI on their resume today when their core experience is sticking an OpenAI token into some code they copied and pasted off the internet to make a chat bot.
-
Taggart :donor: replied to Scott Williams 🐧
@vwbusguy @Viss @arichtman Node resonates because that is a lot of how I got started using it. But it wasn't just hype. There were real problems of deployability and reproducibility that it solved for Linux admins and developers targeting Linux servers.
I'll cop to missing Solaris on account of being still in school and not being a BSD expert, but when I was running school IT systems, Docker arrived and immediately solved longstanding complications.
-
Taggart :donor: replied to Taggart :donor:
@vwbusguy @Viss @arichtman And I wasn't alone. I distinctly remember the conversation amongst a lot of working Linux folks at the time being one of excitement and optimism.
-
Scott Williams 🐧 replied to Taggart :donor:
@mttaggart @Viss @arichtman Indeed. In context, Red Hat had bought Qumranet and was competing with Xen, VMWare, and VirtualBox and saying things like you could run 5 VMs on Red Hat for the cost of 3 on VMWare, etc. Hypervisors were a huge deal. OpenStack vs Eucalyptus was the big hype.
On top of that, proprietary PaaS like Heroku was huge.
Docker came along as a way to do VM-like workloads with the overhead of a PaaS in the midst of all of that discussion.