Date: Sun, 16 Apr 2023 10:04:45 -0500 From: Tim Daneliuk <tundra@tundraware.com> To: FreeBSD Mailing List <freebsd-questions@freebsd.org> Subject: Re: Docker Message-ID: <6cbc4a9e-bbb0-bedb-2941-9511c4232312@tundraware.com> In-Reply-To: <9efb1204ede36008eb1bc83b6048d9c41ea2ab86.camel@riseup.net> References: <20230329053443.6ADA6B6AFED5@dhcp-8e64.meeting.ietf.org> <8E16D624-2655-4A10-844A-93E4F63E9859@gromit.dlib.vt.edu> <078a1cf8-7ae2-c593-615b-f5f37fa2b3eb@timpreston.net> <CA%2B1FSij9j922Nvv1Vhn43HznwpyGT99UZsU674G9hHWzR=UhvQ@mail.gmail.com> <06be3a1e-9319-1a21-88b9-4f87328ee127@timpreston.net> <CA%2B1FSijc%2B-OLNsyFNdR=jP3VzMi4zUE92i5iv9Pfg6AryDy_KQ@mail.gmail.com> <34b4b76e-1c41-4cfb-9e86-856f01e8abc9@app.fastmail.com> <CA%2B1FSihVrJ8cZ4ZU6mMr0sKJsZ98V4fh2vpDLugw7MGj-%2BEBPg@mail.gmail.com> <CA%2B1FSijL50mQ-HveBA4HZeNkSoaORv=aty-15nNLzn9amzY_nw@mail.gmail.com> <6002f636-310b-a9fd-b82f-346618976983@timpreston.net> <CA%2B1FSigV_pPwVW%2BDd8WZYGcNQVt7%2BYOcsnJFoRhS6jL5A636pg@mail.gmail.com> <d0da9627-3ff7-fcca-f9dc-6c2d1c874ef2@tundraware.com> <9efb1204ede36008eb1bc83b6048d9c41ea2ab86.camel@riseup.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On 4/16/23 03:14, Ralf Mardorf wrote:
> On Sat, 2023-04-15 at 22:00 -0500, Tim Daneliuk wrote:
>> Docker is many things. It is a virtually private filespace running over
>> a common Linux kernel. In this regard, it's basically a high-
>> class version of chroot.
>
> Used with intellect and application-related I like Linux, chroot,
> systemd-nspawn and hypervisors a lot. However, the countless container
> approaches flooding linux are just odd workarounds in order not to have
> to deal with fundamental things that would have to be changed. At some
> point adding a layer above a layer above a layer above layer becomes
> pure madness.
To all intents and purposes, the only thing that matters are
docker and Kubernetes (and maybe Swarm). All the rest of it is - at
least for the moment - various science experiments that can be ignored for
production computing.
Docker alone makes a ton of sense for simple/small microservice
and deployment problems. I wrote some tooling for this smaller case.
See:
https://gitbucket.tundraware.com/tundra/dockersand
Kubernetes makes a lot of sense when you're running microservices
at hundreds- or thousands- scale. But at the scale, you have to
find a way to simplify service discovery, observability, a operational
integrity. That's what Istio/Anthos sidecars are for. These tools
have been proven in very large scale deployments by people like
Netflix and Lyft.
My point is that these extra pieces of tooling are not really "layers"
such much as ways to manage running containers at large scale. They
are not needed or recommend for smaller use cases.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?6cbc4a9e-bbb0-bedb-2941-9511c4232312>