Oddbean new post about login | logout It’s a complicated burden
Simplifies distribution and orchestration. Definitely not a good fit for all use cases, but on a server it'll generally make your life easier
After a fashion, probably. But to use Docker at all you have to first install it, which you can’t do from the package maintainer. So you’re either out in apt sources config land, or installing deb packages by hand. And then you have to configure your user to be a member of the docker group. And then you can start using docker, which may include configuring your virtual network, and port forwarding from the system proper. And setting up persistent volumes. Compare that to “sudo apt install <whatever> “.
what's wrong with podman? should be in your distro
I have never heard of that before today. Saw it mentioned somewhere in some document. What is it?
think of it as drop-in replacement of docker in that case (there's a rabbit hole involved).
https://media1.tenor.com/m/wPUbkhwfiuEAAAAd/curiosity-curious.gif
nspawn is more lightweight than docker, no layered filesystem... but you have to bring more batteries to it... i never even heard of it until a year ago, it's a great way to put services in containers https://github.com/relaytools/relay-tools-images i helped build this
Reminds me of OSv unikernels. Still think it's the way to go. you can use this for go apps. have a look!
yeah, it had go in it because cloudfodder was building strfry sprockets in Go and it was simplest to just write a script to install go and git and pull the stuff go and git have got to be the smallest footprint dev toolchain there is, anyone that doesn't get how powerful that is is just not thinking
oot. just generally, do you like the unikernel idea?
i was very interested in "NoKernel" even more, and have even thought of an idea of having a kernel running on each core of a CPU with a message passing interface plan9 also goes towards this direction as well, by creating a uniform socket interface for everything, the next logical step from the unix "everything is a file" but android also with LXC namespace isolation goes a long way towards this also and i get it that this is what UFS and ZFS are trying to do to filesystems but really LVM2 does it better overall, you can conceive of a single service that just manages this, and another service that manages permission, like a local version of ETCD i think it's gonna be a long time yet before we see the end of monolithic kernels though... apple runs on a bsd microkernel and everyone else is running monolithics i think really it's just about the API differences, it's hard to make a mapping between standard system APIs and the distinctly different way you run things with a no-kernel everything-is-a-service style of architecture... the slowest moving parts of software development are languages and kernels it's a subject dear to my heart though... kernels and compilers, my two favourite things
i'd like to see something like qubeos but instead of fat vms it would spawn unikernel adhoc vms with apps. those two models merged would really be awesome. much more efficient then flatpak or snap.
This is a good point, I should have said "containers are your friend". Any OCI compliant runtime simplifies server administration
OCI?
It's a container format and runtime standard. see, a rabbit hole 😂
Part of what I dislike about Docker is the “you have to understand everything to do anything” nature of it. 😅
As an admin you (almost (until you figure out how things don't respect the specs) never) have to. alias docker=podman
*don't have to
The fact that you’re making your point with nested parentheticals and footnotes does not fill me with great confidence 😂
Hey, I'm trying hard to be funny 😂
