tag:blogger.com,1999:blog-2356137376934964551.post4314474821574929425..comments2023-06-14T06:01:24.499-04:00Comments on Andrew Dunstan's PostgreSQL and Technical blog: Interesting new technologiesAndrew Dunstanhttp://www.blogger.com/profile/04684286585449188201noreply@blogger.comBlogger4125tag:blogger.com,1999:blog-2356137376934964551.post-75661392089228926982013-10-10T19:47:22.148-04:002013-10-10T19:47:22.148-04:00This comment has been removed by a blog administrator.Anonymoushttps://www.blogger.com/profile/09400351963488345701noreply@blogger.comtag:blogger.com,1999:blog-2356137376934964551.post-74621921691455755412013-09-23T08:52:32.316-04:002013-09-23T08:52:32.316-04:00I've been playing with docker this weekend, an...I've been playing with docker this weekend, and so far pretty cool. They emphasize the disk-space saving advantages and copy-on-write to show how 'cheap' dockers can be to turn up, but that means they haven't spent much time making them as useful for permanent virtual-machine replacing options (for say development environments). A few examples:<br /><br />1) Its base default image (ubuntu) doesn't start with a non-root user, no root password, and no port 22 exposed, no openssh, etc.. You have to specifically tell docker via a running command (not just daemonize) sshd to make that work. If you just run a docker backgrounded, it won't actually run - it *must* have a command even if its something silly like a wait command in a bash script. The point is you have a chicken-and-egg if you wanted to turn it up and then let a deployment solution (puppet, salt, ansible) manage things like your access.<br />2) In building an image, you build a 'Dockerfile' with commands to get it up and running (install a few basic packages like openssh, put in authorized keys, etc.). Each command makes its own running docker container built on top of the previous. I know thats useful for container development, but not so practical for regular use especially when they have a 42-container limit. Worse, there are still known bugs where it won't let you delete those sometimes (so I've got ~ 12 of them stuck). You can append all the docker commands into a shell script to try and avoid that, but its just not prime-time ready.<br />3) its only a single process at a time, so theres issues with backgrounding, such as ubuntu tools assuming upstart is running. Upstart actually doesn't work without some hack burried in a Git issue by the core team, which took a while to figure out how to deploy from my Ansible scripts that assumed that.<br />4) You can only send files to docker in subdirectories of your Dockerfile configuration, even though it all runs as root. Thats again an issue if you're using a deployment tool and want to copy authorized_keys from a different location than your config template.<br /><br />In implementing it as a virtual machine alternative, its still got some rough spots. I think docker currently is a great alternative for making single-process functions run in parallel (long running build/teardown unit tests), quick experiments (let anonymous users test your app in a short-lived docker), and the community seems to be growing fast so things will get ironed out. <br /><br />I think so far my recommendation is to consider Docker for things that are a single process and not a collection of processes. I'm specifically thinking about something like node.js running in cluser mode (multicore) and a few cron jobs, and what the implications would be with docker.<br /><br />tmanhttps://www.blogger.com/profile/01893199104573379008noreply@blogger.comtag:blogger.com,1999:blog-2356137376934964551.post-4040350059731443542013-09-22T16:44:36.232-04:002013-09-22T16:44:36.232-04:00Yeah, I haven't explored it much yet. But I do...Yeah, I haven't explored it much yet. But I do think this will be important in the future of virtualization - lightweight containers that can be stood up easily from scratch in seconds is quite a big advance.Andrew Dunstanhttps://www.blogger.com/profile/04684286585449188201noreply@blogger.comtag:blogger.com,1999:blog-2356137376934964551.post-32204683921182400592013-09-20T18:27:45.881-04:002013-09-20T18:27:45.881-04:00As I understand it Docker uses aufs a union / laye...As I understand it Docker uses aufs a union / layered filesystem. Some benchmarks, exploration would be really quite interesting. Anonymoushttps://www.blogger.com/profile/08851180696984453675noreply@blogger.com