• Community Rep

    @scottalanmiller said in Which is better NodeBB or Discourse?:

    However, Solaris Containers are gone now, so the current is back to Zones. So it was Containers, then Zones, then Containers, but now it is once again Zones.

    "To simplify terminology, Oracle dropped the use of the term Container in Solaris 11, and has reverted to use of the term Solaris Zone irrespective of the use of resource management control"

    Heh, Oracle Solaris is dead. I could link Oracle's PR but I think a better read is Cantrill's take on it:

    In any event, I am unsure what terminology IllumOS folks are embracing these days, but, yeah, you got it: Isolation plus resource provisioning.👍

  • GNU/Linux

    @gotwf said in Which is better NodeBB or Discourse?:

    @julian said in Which is better NodeBB or Discourse?:

    WRT containerization, I honestly really do get the appeal. You can pretend it's all about making your dev environment mimic production, etc... but it all boils down to that "new server feeling", every single time you deploy a container.

    Sysadmins used to brag about their uptime records... now it's a soft sign that you might not be keeping up with the latest security patches 😆

    Is it worth the overhead? That's up to you... I like tinkering with my servers, personally. Pretty soon it'll be a lost art.

    If you love containers, try SmartOS, OmniOSCE, or anything IllumOS based for that matter. They do containers right. And if you really want/need Docker, you can run them in a SmartOS container, for "double hulled" (sticking with the shipping analogy) isolation and security.

    I'd also rank FreeBSD's jails as superior to Docker. Now cgroups done right? That may be a different matter. Rkt? Hmmm... maybe but I've not been keeping up with Linux since systemd bit me in the arse ten times too many (and before any of y'all Lennart lovers lock and load, I've been doing this stuff since the early 80's when VT52's were the cat's meow and we ran BSD on Digital VMS Vax monsters in the SDSC running tape drives - so no, they weren't pebkac errors).

    Peace-- o/

    - Saw this a long time ago haven't kept up with it but it was interesting.

  • Community Rep

    @Joykiller said in Which is better NodeBB or Discourse?:

    @gotwf said in Which is better NodeBB or Discourse?:

    @julian said in Which is better NodeBB or Discourse?:

    WRT containerization, I honestly really do get the appeal. You can pretend it's all about making your dev environment mimic production, etc... but it all boils down to that "new server feeling", every single time you deploy a container.

    Sysadmins used to brag about their uptime records... now it's a soft sign that you might not be keeping up with the latest security patches 😆

    Is it worth the overhead? That's up to you... I like tinkering with my servers, personally. Pretty soon it'll be a lost art.

    If you love containers, try SmartOS, OmniOSCE, or anything IllumOS based for that matter. They do containers right. And if you really want/need Docker, you can run them in a SmartOS container, for "double hulled" (sticking with the shipping analogy) isolation and security.

    I'd also rank FreeBSD's jails as superior to Docker. Now cgroups done right? That may be a different matter. Rkt? Hmmm... maybe but I've not been keeping up with Linux since systemd bit me in the arse ten times too many (and before any of y'all Lennart lovers lock and load, I've been doing this stuff since the early 80's when VT52's were the cat's meow and we ran BSD on Digital VMS Vax monsters in the SDSC running tape drives - so no, they weren't pebkac errors).

    Peace-- o/

    - Saw this a long time ago haven't kept up with it but it was interesting.

    That's a Xen and Linux based system AFAIK. I see it pop up from time to time.


  • @gotwf I'm not sure if it matters if Docker isn't the "best" container solution. Docker has become the defacto standard for containerization. 🤷

  • Community Rep

    @djensen47 said in Which is better NodeBB or Discourse?:

    @gotwf I'm not sure if it matters if Docker isn't the "best" container solution. Docker has become the defacto standard for containerization. 🤷

    I think we all love containers as a general thing, it really is the "Docker" situation of which we are all wary.

  • Community Rep

    This post is deleted!
  • Community Rep

    @djensen47 said in Which is better NodeBB or Discourse?:

    @gotwf I'm not sure if it matters if Docker isn't the "best" container solution. Docker has become the defacto standard for containerization. 🤷

    Please pass some of what you've been smoking, bruh! I know more than a few folks who refuse to use Docker in production. So, I disagree. Maybe a few years back but seems to me it's been loosing much of its shine with an increasing number of clued in types. I have friends who are security gurus at bigco.com. These folks audit financial institutions and such., They refuse to allow 1) systemd (will stay on RHEL6.x until unsupported and then migrate to new platform), and 2) Docker in production - rapid dev use only.

    Following the herd has it's advantages, granted. But..... a few of us rare breed types prefer the pursuit of technical excellence, even if it requires a bit more challenging path.

    But hey, feel free to disagree and enjoy your Docker. Not worth arguing over and I've bailed on Linux for what I assess to be superior, if less popular, platforms. But then I am willing to do some trail maint work from time to time as well. You may well choose different priorities for very valid reasons.

    Peace-- o/

    P.S.; I do find it ironically amusing that the Docker folks stuck with a Solaris container analogy for their product, hoping to leverage Solaris Container buzz. Imitation is the sincerest form of flattery, and yep... Linux is STILL playing catch up after all these years. If you've never had your fingers into the big iron it is considerably easier for Linux to shine.

    P.P.S.; Zones/Container and fbsd jails have also been around for a lot longer, are more mature, and offer a more proven track record. So I feel 'safer' trusting them. I could well be wrong, but a little PPP (Purely Psychological Protection) is not always a bad thing. lol.

  • GNU/Linux Admin

    Sometimes I feel like we're a little behind with our approach to developing NodeBB (that is, not treating Docker like a first-class citizen)...

    Now there's kubernetes 😆 What's next?

  • Community Rep

    @djensen47 said in May Docker Discussion:

    Docker has become the defacto standard for containerization.

    And Windows is the de facto standard desktop. It works. Docker works. But is it the best idea? No, it's just what the masses do. The masses rarely make good decisions. Working decisions, but not good ones.

  • Community Rep

    @scottalanmiller said in May Docker Discussion:

    @djensen47 said in May Docker Discussion:

    Docker has become the defacto standard for containerization.

    And Windows is the de facto standard desktop.

    But that’s what Docker brings to the table that no one else has done (as consumer friendly) yet: containerization on the desktop.

    For developers, this can save so much time in terms of onboarding, setting up a new machine for development, and consistency.

  • GNU/Linux Admin

    Docker for dev definitely has its applications, I think... the onboarding aspect, as you say.

    However, I'm still kind of against docker in production... containers, sure.

  • Community Rep

    @Bri said in May Docker Discussion:

    But that’s what Docker brings to the table that no one else has done (as consumer friendly) yet: containerization on the desktop.

    Does it really do that? I can containerize with Snap, Flatpak, LXC, etc. on the desktop just the same, unless I am missing some feature. What does Docker do that I didn't already have?

  • Community Rep

    @julian said in May Docker Discussion:

    Docker for dev definitely has its applications, I think... the onboarding aspect, as you say.

    However, I'm still kind of against docker in production... containers, sure.

    This is the biggest problem with Docker, I think, it makes things seem easy for developers and creates invisible challenges for operations.

  • GNU/Linux Admin

    Docker wasn't meant to ease operations, was it? It was mostly to allow devs to sync up their environments to match prod... or so I thought

  • Community Rep

    @julian said in May Docker Discussion:

    Docker wasn't meant to ease operations, was it? It was mostly to allow devs to sync up their environments to match prod... or so I thought

    Neither, I don't think. It isn't fundamentally designed for any production use, the design of it makes little sense for that. The idea was allowing devs to test quickly without going through operational scrutiny. Fast testing, which is where it remains good.

  • GNU/Linux Admin

  • Community Rep

  • GNU/Linux

    Haha just came here to post this too.

    From Discover on Google https://duo.com/decipher/docker-bug-allows-root-access-to-host-file-system

  • Community Rep

    One thing that I fear from Docker is the community. It's the latest buzzword and hype and because of that, most people using it see it as some magic panacea, and that creates hubris, and hubris leads to instability and insecurity. People who think technology is magic and not subject to the normal rules or rigors are how bad things happen.

  • GNU/Linux Admin

    @scottalanmiller oh you could say that with most of the js libraries that come out. JavaScript has been the new hotness for the last little while and it shows 😆

Suggested Topics

  • 3
  • 16
  • 10
  • 1
  • 6
| |