[GLLUG] Docker question - for those that are using it

Matthew Copperwaite mattcopp at gmail.com
Tue Sep 23 12:39:47 UTC 2014 

So everyone got very excited about Docker about 12-18 months ago. The
Docker talk at FOSDEM last February could have been filled 3 times over.

The thing with Docker though is that if you do get in to a talk about it,
you'll be surprised as to how little meat there actually is, and leave
wondering if you'd missed the point. The truth (as I see it) is that there
is no real meat. At least not in the containers element of Docker.

Simply, Docker is a wrapper for CGroups, an extension to the Linux kernel
by Red Hat which has been around for some time now. Docker just makes the
process of using CGroups a little bit easier/familiar for people used to
the process of managing VMs.

The bits where it gets interesting are the automated building of these
containers which should make deployment, automated, consistent and
therefore easier.

Lately there has been some backlash against containers/Docker because the
assumption was that, like a VM, the containers were isolated and therefore
secure. This however was not necessarily the case, especially if SELinux is
disabled or not installed. This meant on some PaaS services it was possible
to "break in" to other Docker instances.

Now I'm not saying Docker is bad at all. All technology can be used for
good and for bad depending on the user. But I do think the hype out-weighed
the usefulness and this was enhanced by a lack of understanding of what
Docker actually is and does. I don't think it's their fault at all, I
believe if anything it's a fault of how simple they made it.

What Docker does do is make deployment of services and applications distro
agnostic, and automated, which should make the deployment of software
easier in the cases where you don't want to care about writing make files
or whatever for each distro and their versions, or want to worry about
dependencies. The trade-off is that the packages you deploy will be much
larger as you contain a decent amount of an OS in there too.

Matt

On 23 September 2014 12:41, James Roberts <j.roberts at stabilys.com> wrote:

> I have been looking at Docker and so far have failed to get even slightly
> excited about it - for our use case, that is.
>
> I have played a bit and it seems to me that all we have here is containers
> with a scriptable but otherwise undetermined management suite.
>
> We only manage a few (<10) containers and VMS (<10) per host (KVM, Using
> Proxmox) and Proxmox gives us some very nice management tools packaged
> together and also the ability for the less console-literate members of
> staff to do something useful with it.
>
> I can see a possible strong future role for people hosting hundreds or
> thousands of containerised instances in large data centres (but would not
> like to manage that with the current management tools).
>
> Am I being particularly dumb (again?!) here and missing the Docker/Fleet
> point?
>
> Should I persist with trying to use it?
>
> Or is it all a bit of a hype as my more cynical side (most of me) says?
>
> tyvm
>
> MeJ
>
> --
> Stabilys Ltd            www.stabilys.com
> 244 Kilburn Lane
> LONDON
> W10 4BA
>
> 0845 838 5370
>
> _______________________________________________
> GLLUG mailing list
> GLLUG at mailman.lug.org.uk
> https://mailman.lug.org.uk/mailman/listinfo/gllug
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.lug.org.uk/pipermail/gllug/attachments/20140923/1eb741c2/attachment.html>

More information about the GLLUG mailing list