Slashdot Mirror
Docker 1.0 Released
Graculus writes: "Docker, the company that sponsors the Docker.org open source project, is gaining allies in making its commercially supported Linux container format a de facto standard. Linux containers are a way of packaging up applications and related software for movement over the network or Internet. Once at their destination, they launch in a standard way and enable multiple containers to run under a single host operating system. 15 months and 8,741 commits after the earliest version was made public, Docker 1.0 has been released."
I thought this was about pant ... which should be at LEAST 2.0.
This is the second time Docker has appeared on Slashdot and, as before, nobody knows what it is. Is this news for nerds or a sales pitch?
"Linux containers are a way of packaging up applications and related software for movement over the network or Internet."
Rewritten not to be shitty:
"Linux containers are a way of packaging up applications and related software."
I want to delete my account but Slashdot doesn't allow it.
lol, you really have no idea what you're posting about do you.
Docker is a lot of things, all rolled up into one so it is difficult to describe without leaving out some detail. What is important to one devops person might be unimportant to another. I have been testing docker for the past few months and there are a couple of things about it that I like quite a bit.
I have to explain a couple of things that I like about it before I get to the one that I really like.
1) It has a repository of very bare bones images for ubuntu, redhat, busybox. Super bare bones, because docker only runs the bare minimum to start with and you build from that.
2) You pull down what you want to work with, and then you figuratively jump into that running image and you can set up that container with what you want it to do.
3) (this is what I really like) That working copy becomes a "diff" of the original base image. You can then save out that working image back to the repository. You can then jump on another machine, and pull down that "diff" image (but you don't even really have to think of it as a "diff", you can just think of it as your new container. docker handles all the magic of it behind the scenes. So if you are familiar with git, it provides a git like interface to managing your server images.
It does a lot more than what I describe above, but it is one of the things I was most impressed with.
How is it different?
"I don't know, therefore Aliens" Wafflebox1
No, it's not.
I think of it as something like a version controlled Make or Grunt script with the output being a jail. Setting up your cloud stack as a series of Docker containers makes it much easier to create, upgrade, scale and relocate your services such as web servers, databases, caches, app servers etc.
Try clicking "Try it!" on their web page. Your container is lost at sea :/.
Download .deb
Double click it
Insert password, hit ok
Seriously it is a hell of a lot easier than Windows and that is for packages that aren't in the repositories.
If it is in a repository then there isn't even a need to go to the manufacturers website, plus it auto-updates for you.
Until someone comes along who's running Redhat.
Oh, a virtual machine image all set up to go?
Mostly random stuff.
From the summary this seems like most OSX software: simply an icon with everything inside that you only need to drag to your Applications folder (or in the case of the OSX app store, the iconthat is downloaded). I've always liked this ultra-intuitive installation process.
Download .deb
Double click it
Insert password, hit ok
Seriously it is a hell of a lot easier than Windows
Oh, I'm sorry. You need libglib2.0-0 (>= 2.35.9), but I'm on libglib2.0-0 (2.34.8) and upgrading it will cause a conflict with libwtf5.0 (1:5.0.99) and also require installing libancientrelic0.8 (0.8.0.012), which I can't seem to find anywhere. Let me suggest removing a bunch of packages (leaving some things broken). Accept this solution? (y/N) Alternately, I could suggest you blow your weekend learning to build a dummy package just to shut me up... there so many wonderful commands that start with deb and dpkg, you'll love digging thru layers and layers of accumulated shell scripts!
-1, Too Many Layers Of Abstraction
Name a single example of this occurring with a up to date maintained package.
I dare you to link to a .deb file. Go on.
And don't get me started with DLL hell on Windows.
Well don't do that then.
Yep. There was a time that installing software on Linux was a nightmare. It was so bad that some people sat down and really thought about how to make it really good, and then implemented those ideas. With Windows, software installations was always just passable, and that is the way it has stayed.
happened a few months ago to me trying to update XBMC on my HTPC. ended up reinstalling the whole OS. all i wanted to do was "Apt-get upgrade xbmc". doing a standard "apt-get upgrade" would tell me it was held back. even on my current install, i have about 15 packages that are held back because of this kind of package snafu
The quality of comments on are are further proof of how far downhill /. has fallen. It's just depressing.
A couple questions pop to mind:
1. Security--how do containers, whether LXC/Docker, Jails, etc compare to true virtualization? For example, pfSense strongly argues against using virtualization in production machines not only for being slower, but for possible security risks--and a container would be even less secure than that. As an extreme scenario, what's to keep one Docker program from messing with another Docker program running under the same Docker Engine instance?
2. Will Docker only support LXC/Linux only or will it expand to support jails and such? The ability to support multiple OS containers with Docker sounds like it could be INSANELY useful!
I went to the web site to learn more. I still don't know what it is. I suspect it's a venture capital extraction method.
Not if you are a web hosting service that has to keep ruby 1.8 around for some clients and ruby 1.9 for others, and can't let the two interact.
More detail in this Redhat talk on containers.
Close but no cigar. Basically it's between chroot and a VM.
IT uses the same loadecd kernel as the host but is isolated by the host ( using cgroups and namespaces ).
Contains also offer security.
I've used it to run tests safely on student submitted code (server: https://bitbucket.org/gajop/au..., docker images: https://github.com/gajop/gradi... and https://github.com/gajop/gradi...).
It's done automatically for practice tests (for when students would submit their solutions online), so I don't even look at the source.
I know it's not guaranteed to offer 100% security as they could potentially break out of the container, but it takes care of most attempts or just mistakes (like accidental on the disk writing where they shouldn't).
And as far as their benefit over LXC, well it's really easy to setup: https://github.com/gajop/gradi... and use: https://bitbucket.org/gajop/au...
I went to the web site to learn more. I still don't know what it is. I suspect it's a venture capital extraction method.
Nothing wrong with that. I'd like to extract some myself.
However, the short of it is that Docker containers are a lot like Solaris Zones. They give much the same freedom as having lots of VMs, but without the overhead that a normal VM requires in terms of memory or filesystem space. Plus they allow resource load-balancing. So it's a fairly trivial thing using Docker to run 25 Apache servers on the same box without them interfering with each other.
Of course this happens. If your OS isn't up to date and you try installing a package from outside of the repository then things like this can indeed occur from time to time. Happened to me a couple of days ago. The fastest method for dealing with this (at least for me) is to update the whole OS.
soylentnews.org
Not necessarily.
I've had this problem mostly with Debian testing and unstable (where this sort of thing should be expected) but there are times when even apt-get dist-upgrade or aptitude dist-upgrade won't resolve it, and one either must ignore it until all the dependencies are updated or decide "yeah, I didn't need those packages anyway", uninstall the offenders, and complete upgrading other stuff.
Once or twice I told apt to grab a package's dependencies, compiled the package locally, then installed it with stow. This works too if you don't mind updating the package manually.
Hail Eris, full of mischief...
E pluribus sanguinem
So, it bundles up a binary and all of the shared libraries necessary for that binary, so that you don't end up in dependency hell. Great, except for what happens when the next OpenSSL vulnerability is announced, and suddenly you need to replace every container which has its own copy of OpenSSL, instead of the one shared system copy.
The proper way is to install gdebi:
sudo aptitude install gdebi
Then, you install a downloaded .deb using gdebi:
sudo gdebi packagefile.deb
Gdebi will search for dependencies for that .deb and install them for you automatically.
2bits.com, Inc: Drupal, WordPress, and LAMP performance tuning.
or a centrally managed JVM. It's a little run-time environment that works on any OS. This is not a new idea but a different language. They don't specify what the app in the container is. A better platform independent solution would be very useful.
Queue the scores of responses claiming to "never have had a problem" with .
It isn't just Linux containers, but is is also a deployment method.
New things are always on the horizon
"Why doesn't Crysis 3 work on my Windows 3.1 computer?"
"Why doesn't this square peg fit in to this round hole?"
"Why doesn't this .deb compiled for squeeze work on etch?"
That's Rule 34-B: Any word chosen for a software product is already in use as slang for an obscure sexual practise.
Il n'y a pas de Planet B.