• d3Xt3r@lemmy.nzM
    link
    fedilink
    arrow-up
    9
    arrow-down
    1
    ·
    1 year ago

    I’m new to the container world, but everything I’ve seen and read about so far makes me dislike Docker. I really don’t get why it’s so popular - except for the cross-platform compatibility I guess?

    • Oliver Lowe@lemmy.sdf.org
      link
      fedilink
      arrow-up
      14
      ·
      edit-2
      1 year ago

      In a word: convenience.

      It was in the right place at the right time with easy UX. A big audience were developers not so familiar with sysadmin in the commercial software world. It provided an easy way to get a kind of executable package. Devs could throw in all their Python/Ruby/JS dependencies and not worry about it. “works on my machine” was basically good enough because you just ship the whole damn thing over.

      Docker then supervised the process for you, too. The whole Docker package took care of a lot of things

      PS: for those really interested in containers, I always recommend looking into Plan 9: the OS from the original UNIX team intended as a successor to UNIX. Every process has its own namespace and the whole OS is built around that concept (plus a few other core things… too much to go into here). see also https://pdos.csail.mit.edu/~rsc/plan9.html

      • AggressivelyPassive@feddit.de
        link
        fedilink
        arrow-up
        7
        ·
        1 year ago

        Don’t forget configuration. A properly built Docker image can be configured purely via environment variables, which are all in one place. That’s much more transparent than having 20 locations with tiny changes to the defaults.

        There are obviously edge cases where this doesn’t work, but even then you still have a just a bundle of config files in one place.

    • moonpiedumplings@programming.dev
      link
      fedilink
      arrow-up
      14
      arrow-down
      2
      ·
      edit-2
      1 year ago

      The benefit of docker is portability. You can run software anywhere. Rather than going through all this pain of installing and managing systemd services, you can just run a docker container, often in only one command. Docker also handles things like setting environment variables, which are sometimes used by apps as a an alternative for, or even replacement for settings filed, like in the lemmy docker example: https://github.com/LemmyNet/lemmy/blob/main/docker/docker-compose.yml

      Docker succeeds where java failed, but in a language agnostic way.

      And I disagree with the author’s point about disliking docker-only apps, for two main reasons. One, it isn’t the developers responsibility to package things for every system, and two, docker containers are mostly self documenting, being very close to simply a shell script. I almost always look at dockerfiles, and I have only seen one or two that are not simple to extract to make them run outside docker.

      For example, the lemmy docker image: https://github.com/LemmyNet/lemmy/blob/main/docker/Dockerfile

      The author acts like it’s some advanced witchcraft or something, but it’s just using rust to compile stuff on an debian based system. Every command used to build lemmy is right there. Then, you can look at the environment variables set in the docker compose, and set them in a systemd service or something.

      How do I tag people on lemmy?

      u/tony

    • SuddenlyBlowGreen@lemmy.world
      link
      fedilink
      arrow-up
      6
      ·
      1 year ago

      What makes you dislike docker?

      At least from a development perspecrive, it’s really convenient, especially when paired with a CICD system and container registry.

      • 9488fcea02a9
        link
        fedilink
        arrow-up
        3
        arrow-down
        1
        ·
        1 year ago

        I tried it once and it rewrote all my firewall rules without telling me

        • moonpiedumplings@programming.dev
          link
          fedilink
          arrow-up
          2
          ·
          edit-2
          1 year ago

          Yeah that’s a gripe of mine. Thankfully podman doesn’t do that.

          Docker also sometimes breaks lxd and libvirt networking by changing the default forward policy from accept to drop.

            • moonpiedumplings@programming.dev
              link
              fedilink
              arrow-up
              1
              ·
              1 year ago

              Nope, I just tested and the rootful podman service doesn’t touch any iptables/firewall rules.

              It uses what is called a “CNI”, container network interface, to manage container networking rather than just overwriting all the iptables rules like docker does.

        • Toribor@corndog.social
          link
          fedilink
          English
          arrow-up
          2
          ·
          1 year ago

          Sounds like you were using Docker Desktop on Windows maybe? It’s… pretty meh. But Docker on Linux is phenomenal. Docker on Windows is mostly just a way to make it accessible to developers stuck on Windows.