People just dump any garbage because moderators are either non-existent or don’t care, and the bulk of the community mindlessly upvote literally any crap that gets posted here.
Meanwhile other communities lack content that these posts would be a proper fit for, and the same people supporting garbage posts here use that lack of activity in other communities as an excuse to continue the garbage posts here.
I have a love/hate relationship with docker. On one side it’s convenient to have a single line start for your services. On the other side as a self-hoster it made some developers rely only on docker meaning that deploying the stack from source is just an undocumented mess.
Also following the log4j vulnerability I tend to prioritize building from source as some docker package were updated far later than the source code was.
I love Docker because it is the only sane method to selfhost shit with my Synology NAS, and I love my Synology NAS because it is the only Linux interaction that I have (from my old MacBook Pro).
The Dockerfile is essentially the instructions for deploying from scratch. Sure, they most likely only exist for one distro but adapting isn’t a huge chore.
You can also clone the repo and build the container yourself. If you want to update say, log4j, and then attempt to build it, that’s still entirely possible and easier than from scratch considering the build environment is consistent.
If I’m updating the source code already I might as well build my service from it, I really don’t see how building a docker container afterward makes it easier considering the update can also break compatibility with the docker environment.
Also adapting can be a pita when the package is built around a really specific environment. Like if I see that the dockerfile installs a MySQL database can I instead connect it to my PostgreSQL database or is it completely not compatible? That’s not really something the dockerfile would tell me.
I really don’t see how building a docker container afterward makes it easier
What it’s supposed to make easier is both sandboxing and reuse / deployment. For example, Docker + Traefik makes some tasks so incredibly easy and secure compared to running them on bare metal. Or if you need to spin up multiple instances, they can be created and destroyed in seconds. Without the container, this just isn’t feasible.
The dockerfile uses MySQL because it works. If you want to know if the core service works with PostgreSQL, that’s not really on the guy who wrote the dockerfile, that’s on the application maintainer. Read the docs, do some testing, create your own container using its own PostgreSQL or connecting to an external database if that suits your needs better.
Once again the flexibility of bind mounts means you could often drop that external database right on top of the one in the container. That’s the real beauty of Docker IMO, being able to slot the containers into your system seamlessly due to the mount system.
adapting can be a pita when the package is built around a really specific environment
That’s the great thing about Docker, it lets you bring that really specific environment anywhere and in an incredibly lightweight manner compared to the old days of heavyweight VMs. I’ve even got Docker containers running on a Raspberry Pi B+ that otherwise is so old that it would be nearly impossible to install the libraries required to run modern software.
Also I created this repo to create a reproducible sec environment for myself. I added other languages, but personally work mostly with python. It is basically resonating for handling all the boiler plate:
For packaging in docker I started to use nix2container project as it gives me a greater control over layers. So for example when I package my phyton app I typically use 3 layers:
python and it’s dependencies
my application dependencies
my application, which is very tiny compared to other two, so there is great reuse of the layers
The algorithm mentioned in the video also helps a lot with reuse, but the above is more optimized by frequency of how things typically change.
BTW: today I discovered this github.com/astro/microvm.nix I haven’t play with it yet, but in theory it would let me generate a microvm image (in similar fashion to generate a docker container) which would let me to run my app natively as a tiny VM on EC2 for example, and use only minimum necessary of a typical OS to run it.
When I was a kid I pressed the “return coin” button on a vending machine at a rest stop and 50¢ came out. Gotta check every single vending machine now.
This is my dog after she discovered she could pick her own blackberries. Too bad blackberry season isn't year round because she sure expects it to come back every day.
I absolutely love the natives huckleberries we have here in the US Pacific Northwest. They're also related to blueberries but have some tartness to them.
More recent scholarship on cargo cults has challenged the suitability of the term for the movements associated with it, with recent anthropological sources arguing that the term is born of colonialism and prejudice and does not accurately convey the nature of the movements to which it refers.
It wasn’t pseudoscience, it was just given a colonial-centric name that reinforces the view of uncontacted or even just aboriginal peoples as “savage” or “uncivilized”. The described phenomenon is a real thing.
no I agree I don’t think it’s racist to reference the fact that people from non industrial societies don’t understand how our supply chains work. Why would they. That’s not them being dumb it’s them not having detailed knowledge without being taught. It’s not reasonable to expect someone to deduce the existence of Bristol from a blue vase
Also also us: oh a lottery ticket that I know for a mathematical fact has such a tiny chance of winning that I’m literally more likely to be struck by a shark and eaten by lightning, well I’ll try my odds, who knows?
My dog once found a biscuit* in a bush near our home, from that day onwards he always checked the bush for a biscuit, there never was another one, the bush became known as "The Biscuit Bush"
Every time I hear this from one of my devs under me I get a little more angry. Such a meaningless statement, what are you gonna do, hand your pc to the fucking customer?
It's not actually meaningless. It means "I did test this and it did work under certain conditions." So maybe if you can determine what conditions are different on the customer's machine that'll give you a clue as to what happened.
The most obscure bug that I ever created ended up being something that would work just fine on any machine that had at any point had Visual Studio 2013 installed on it, even if it had since had it uninstalled (it left behind the library that my code change had introduced a hidden dependency on). It would only fail on a machine that had never had Visual Studio 2013 installed. This was quite a few years back so the computers we had throughout the company mostly had had 2013 installed at some point, only brand new ones that hadn't been used for much would crash when it happened to touch my code. That was a fun one to figure out and the list of "works on this machine" vs. "doesn't work on that machine" was useful.
programming.dev
Active