Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Docker 1.0 Released

Soulskill posted about a month and a half ago | from the it's-done-for-arbitrary-values-of-done dept.

Software 88

Graculus writes: "Docker, the company that sponsors the Docker.org open source project, is gaining allies in making its commercially supported Linux container format a de facto standard. Linux containers are a way of packaging up applications and related software for movement over the network or Internet. Once at their destination, they launch in a standard way and enable multiple containers to run under a single host operating system. 15 months and 8,741 commits after the earliest version was made public, Docker 1.0 has been released."

cancel ×

88 comments

pant? (1)

danomatika (1977210) | about a month and a half ago | (#47208061)

I thought this was about pant ... which should be at LEAST 2.0.

Re:pant? (1)

freeze128 (544774) | about a month and a half ago | (#47208749)

I don't know if I would want to wear open-source pants....

Re:pant? (0)

Anonymous Coward | about a month and a half ago | (#47208917)

But pants already are open source! Once you buy them you can modify them in any way you wish! And they list the materials on the tag so you can even "fork" them if you want!

Re: pant? (0)

Anonymous Coward | about a month and a half ago | (#47210895)

Stop tarnishing open source. No pun intended. With proprietary, u cant afford the pants so u go without them in theend. With IBM u go naked,

Re: pant? (0)

Anonymous Coward | about a month and a half ago | (#47212387)

I was naked once at IBM.

Security told me I was infringing on their patents and escorted me on under a--presumably--open source blanket.

Re:pant? (1)

LifesABeach (234436) | about a month and a half ago | (#47215161)

I cannot help but wonder how the Levi Strauss folks are going to think about how their product is now Open Source, and versioned.

Relevant XKCD (-1)

Anonymous Coward | about a month and a half ago | (#47208065)

http://xkcd.com/927/

Relevant XKCD (2)

Anonymous Coward | about a month and a half ago | (#47208317)

No, it's not.

Re:Relevant XKCD (0)

Anonymous Coward | about a month and a half ago | (#47209177)

so, is it a new standard for a VM, or is it a new standard for a package, or what exactly is it a new standard for? Yeah, it's a relevant XKCD.

Re:Relevant XKCD (0)

Anonymous Coward | about a month and a half ago | (#47210245)

It IS a relevant XKCD.

That said, there are good reasons to reinvent the wheel, depending on the audience, lifetime of the project, funds involved, deployment area, licensing, groups involved, and so forth.

"New" standards are not a total pain, IF they are publically documented, not restricted e.g. by patents, and having a reference implementation with code.

Color me jaded, but I will take a "new" open standard over an "old" proprietary solution any day.

There are reasons to adopt, reasons to fsck in a protected manner, and reasons to let loose.

I can see getting pissy when you have 20 adopted kids and then 5 more are forced on you out of nowhere, as a "gift."

Holy crap! (0)

50000BTU_barbecue (588132) | about a month and a half ago | (#47208153)

I can download a file from the internet and it will install and run on my computer!?

Why haven't I heard about this before??

Seriously, maybe explain why this is important for the old ones among us?

(grabs bifocals and oatmeal)

Re:Holy crap! (0)

Anonymous Coward | about a month and a half ago | (#47208359)

Trying to pretend installing applications on linux is always a breeze is like spending 18 hours on your car and saying it never has given you any trouble.

Re:Holy crap! (1)

cheater512 (783349) | about a month and a half ago | (#47208615)

Download .deb
Double click it
Insert password, hit ok

Seriously it is a hell of a lot easier than Windows and that is for packages that aren't in the repositories.
If it is in a repository then there isn't even a need to go to the manufacturers website, plus it auto-updates for you.

Re:Holy crap! (2, Interesting)

BusDriver (34906) | about a month and a half ago | (#47208727)

Until someone comes along who's running Redhat.

Re:Holy crap! (1)

Anonymous Coward | about a month and a half ago | (#47209183)

Well don't do that then.

Re:Holy crap! (0)

Anonymous Coward | about a month and a half ago | (#47212097)

Until someone comes along who's running Redhat.

In that case

  1. Download .rpm

  2. Double click it

  3. Insert password, hit ok

Again, it is a lot easier... but good play at trying to make the Linux world look like a un-usability feast.

Re:Holy crap! (4, Insightful)

firewrought (36952) | about a month and a half ago | (#47208911)

Download .deb Double click it Insert password, hit ok Seriously it is a hell of a lot easier than Windows

Oh, I'm sorry. You need libglib2.0-0 (>= 2.35.9), but I'm on libglib2.0-0 (2.34.8) and upgrading it will cause a conflict with libwtf5.0 (1:5.0.99) and also require installing libancientrelic0.8 (0.8.0.012), which I can't seem to find anywhere. Let me suggest removing a bunch of packages (leaving some things broken). Accept this solution? (y/N) Alternately, I could suggest you blow your weekend learning to build a dummy package just to shut me up... there so many wonderful commands that start with deb and dpkg, you'll love digging thru layers and layers of accumulated shell scripts!

Re:Holy crap! (2)

cheater512 (783349) | about a month and a half ago | (#47209005)

Name a single example of this occurring with a up to date maintained package.

I dare you to link to a .deb file. Go on.

And don't get me started with DLL hell on Windows.

Re:Holy crap! (2)

Wing_Zero (692394) | about a month and a half ago | (#47209205)

happened a few months ago to me trying to update XBMC on my HTPC. ended up reinstalling the whole OS. all i wanted to do was "Apt-get upgrade xbmc". doing a standard "apt-get upgrade" would tell me it was held back. even on my current install, i have about 15 packages that are held back because of this kind of package snafu

Re:Holy crap! (0)

Anonymous Coward | about a month and a half ago | (#47210955)

apt-get dist-upgrade would have solved it for you.

Re:Holy crap! (2)

Nimey (114278) | about a month and a half ago | (#47211793)

Not necessarily.

I've had this problem mostly with Debian testing and unstable (where this sort of thing should be expected) but there are times when even apt-get dist-upgrade or aptitude dist-upgrade won't resolve it, and one either must ignore it until all the dependencies are updated or decide "yeah, I didn't need those packages anyway", uninstall the offenders, and complete upgrading other stuff.

Once or twice I told apt to grab a package's dependencies, compiled the package locally, then installed it with stow. This works too if you don't mind updating the package manually.

Re:Holy crap! (0)

Anonymous Coward | about a month and a half ago | (#47209217)

That would be the whole problem. Not all software that people require is properly maintained over time.

Re:Holy crap! (1)

umafuckit (2980809) | about a month and a half ago | (#47211075)

Of course this happens. If your OS isn't up to date and you try installing a package from outside of the repository then things like this can indeed occur from time to time. Happened to me a couple of days ago. The fastest method for dealing with this (at least for me) is to update the whole OS.

Re:Holy crap! (0)

Anonymous Coward | about a month and a half ago | (#47211219)

You people clearly aren't responsible for maintaining production systems.

Docker is not for your personal use computing, it's for consistent environments that can be deployed across many machines without caring about the state of the hosts packages.

For example, our database guy is bitching about not being able to install specific point releases of Postgres on all our machines. The postgres project only keeps the LATEST point release in their apt repos. They ditch all the old ones. The only alternative is to use Joe Blow's ppa which is compiled and packaged with different prefix/installation/run/init scripts etc.

This is a real problem.

"Just run the latest" is not viable for people who want to ensure stable software across the board. So our QA setup 4 months ago has 9.2.2, the CI env has 9.2.3, the Staging env has 9.2.4, the prod env has 9.2.6? Does this sound like a good thing to you? Our server/db guy should just upgrade all 40 of our servers every time he has to build out a new box and there's been a new point release?

Stop pretending it's not a problem, of course it is.

This solves it nicely

Re:Holy crap! (1)

cheater512 (783349) | about a month and a half ago | (#47217655)

"Why doesn't Crysis 3 work on my Windows 3.1 computer?"

"Why doesn't this square peg fit in to this round hole?"

"Why doesn't this .deb compiled for squeeze work on etch?"

Re:Holy crap! (0)

Anonymous Coward | about a month and a half ago | (#47212723)

I haven't had a moment of trouble in years using the Mandriva/Mageia URPM package management system to manage their RPM packages.

Re:Holy crap! (1)

kbahey (102895) | about a month and a half ago | (#47213371)

The proper way is to install gdebi:

sudo aptitude install gdebi

Then, you install a downloaded .deb using gdebi:

sudo gdebi packagefile.deb

Gdebi will search for dependencies for that .deb and install them for you automatically.

Re:Holy crap! (1)

digitalPhant0m (1424687) | about a month and a half ago | (#47213913)

Queue the scores of responses claiming to "never have had a problem" with .

Re:Holy crap! (0)

Anonymous Coward | about a month and a half ago | (#47220859)

Cue, not queue, in this case.

Re:Holy crap! (2)

Belial6 (794905) | about a month and a half ago | (#47209193)

Yep. There was a time that installing software on Linux was a nightmare. It was so bad that some people sat down and really thought about how to make it really good, and then implemented those ideas. With Windows, software installations was always just passable, and that is the way it has stayed.

Re:Holy crap! (0)

Anonymous Coward | about a month and a half ago | (#47269409)

"always just passable" .. hahaha

Re:Holy crap! (2)

MouseTheLuckyDog (2752443) | about a month and a half ago | (#47209359)

Not if you are a web hosting service that has to keep ruby 1.8 around for some clients and ruby 1.9 for others, and can't let the two interact.

More detail in this Redhat talk on containers [youtube.com] .

Re:Holy crap! (0)

Anonymous Coward | about a month and a half ago | (#47209067)

Are you a time traveller from the 1990s, or did you just wake up from a 15-year coma? Either way, you have a lot to catch up on.

Re:Holy crap! (0)

Anonymous Coward | about a month and a half ago | (#47211427)

Yes, for example the fact that Windows has become perfectly usable...

Re:Holy crap! (0)

Anonymous Coward | about a month and a half ago | (#47208679)

> Seriously, maybe explain why this is important for the old ones among us?

It is fully self-contained. No dependencies and it is sort of sandboxed too so it is relatively safe to run untrusted software.

Re:Holy crap! (1)

50000BTU_barbecue (588132) | about a month and a half ago | (#47208747)

Oh, a virtual machine image all set up to go?

Re:Holy crap! (1)

MouseTheLuckyDog (2752443) | about a month and a half ago | (#47209379)

Close but no cigar. Basically it's between chroot and a VM.

IT uses the same loadecd kernel as the host but is isolated by the host ( using cgroups and namespaces ).

Re:Holy crap! (2)

Darinbob (1142669) | about a month and a half ago | (#47209335)

I went to the web site to learn more. I still don't know what it is. I suspect it's a venture capital extraction method.

Re:Holy crap! (1)

RabidReindeer (2625839) | about a month and a half ago | (#47210971)

I went to the web site to learn more. I still don't know what it is. I suspect it's a venture capital extraction method.

Nothing wrong with that. I'd like to extract some myself.

However, the short of it is that Docker containers are a lot like Solaris Zones. They give much the same freedom as having lots of VMs, but without the overhead that a normal VM requires in terms of memory or filesystem space. Plus they allow resource load-balancing. So it's a fairly trivial thing using Docker to run 25 Apache servers on the same box without them interfering with each other.

Re:Holy crap! (1)

Lennie (16154) | about a month and a half ago | (#47215687)

It isn't just Linux containers, but is is also a deployment method.

Re:Holy crap! (1)

gajop (1285284) | about a month and a half ago | (#47210745)

Contains also offer security.
I've used it to run tests safely on student submitted code (server: https://bitbucket.org/gajop/au... [bitbucket.org] , docker images: https://github.com/gajop/gradi... [github.com] and https://github.com/gajop/gradi... [github.com] ).
It's done automatically for practice tests (for when students would submit their solutions online), so I don't even look at the source.
I know it's not guaranteed to offer 100% security as they could potentially break out of the container, but it takes care of most attempts or just mistakes (like accidental on the disk writing where they shouldn't).

And as far as their benefit over LXC, well it's really easy to setup: https://github.com/gajop/gradi... [github.com] and use: https://bitbucket.org/gajop/au... [bitbucket.org]

What is this? (1)

Calavar (1587721) | about a month and a half ago | (#47208171)

This is the second time Docker has appeared on Slashdot and, as before, nobody knows what it is. Is this news for nerds or a sales pitch?

Re: What is this? (2, Informative)

Anonymous Coward | about a month and a half ago | (#47208199)

All the real nerds know about it.

Re: What is this? (2)

burdickjp (2530248) | about a month and a half ago | (#47208643)

Is there such thing as an inverse "no true scotsman" fallacy? https://en.wikipedia.org/wiki/... [wikipedia.org]

Re: What is this? (1)

Jade_Wayfarer (1741180) | about a month and a half ago | (#47211233)

It is still the same fallacy:

"Nae true Scotsman doesnae ken abit Docker, laddie"

Re:What is this? (1)

Charliemopps (1157495) | about a month and a half ago | (#47208229)

From what I understand, it creates a VM that can be sent to, and consume the resources of, any machine that's also running the docker software. You can control this remotely. It's an isolated environment so the application cannot interact with the host system, so it secures the hardware. So, lets say you have a bitcoin mining app (random example) and hundreds of computers all over. Rather that installing it on each one, you can just send your application over to each one using this Docker thing and each processes will run locally on that machine. In one of their examples it says this is how spottify deploys their streaming servers.

Re:What is this? (0)

Anonymous Coward | about a month and a half ago | (#47208257)

so it's like a VM image, except it's "new" "better" and all hopey, changey'ish?

Re:What is this? (0)

Anonymous Coward | about a month and a half ago | (#47208301)

No, it's like a linux container but with much better tools for managing versions, running and connecting to.

Re:What is this? (0)

Anonymous Coward | about a month and a half ago | (#47208383)

That's already pretty easy to do with libvirt. I run three commands like this to copy my image, setup the vm on the new host, and start it:

rsync -avz main_server:/var/lib/libvirt/images/bitcoin.qcow2 /var/lib/libvirt/images/bitcoin5.qcow2

virt-install --name=bitcoin5 --arch=x86_64 --vcpus=4 --ram=4096 --os-type=linux --os-variant=rhel6 --hvm --connect=qemu:///system --network bridge:br0 --cdrom=/var/lib/libvirt/images/CentOS-6.5-x86_64-minimal.iso --disk path=/var/lib/libvirt/images/bitcoin5.qcow2 --accelerate --graphics none

virsh start bitcoin5

The only hard part is if you need to do static IP addrs or any other special setup for the host. Then you do something like:

guestmount -a bitcoin5.qcow2 -m /dev/vg_bitcoin/lv_root /mnt

# To set static IP addr
cp bitcoin5.ifcfg-eth0 /mnt/etc/sysconfig/network-scripts/ifcfg-eth0

# To change hostname
cp bitcoin5.network /etc/sysconfig/network

umount /mnt

before starting the vm to copy the config file with the static IP into the virtual machine image.

Re:What is this? (1)

nschubach (922175) | about a month and a half ago | (#47208443)

Oh yeah... I can totally remember all those commands.

Re: What is this? (0)

Anonymous Coward | about a month and a half ago | (#47209559)

See, all you'd have to do is create a bunch of scripts to simplify this plethora of commands and options into a single, consistent and easy to use command set, then give it a fancy name and present it to VCs as a revolution to the IT industry, and bang, you got yourself a couple millions bucks.

Re:What is this? (1)

dave420 (699308) | about a month and a half ago | (#47210063)

So easy. Herp.

Re:What is this? (2)

RabidReindeer (2625839) | about a month and a half ago | (#47210987)

That's already pretty easy to do with libvirt. I run three commands like this to copy my image, setup the vm on the new host, and start it:

rsync -avz main_server:/var/lib/libvirt/images/bitcoin.qcow2 /var/lib/libvirt/images/bitcoin5.qcow2

virt-install --name=bitcoin5 --arch=x86_64 --vcpus=4 --ram=4096 --os-type=linux --os-variant=rhel6 --hvm --connect=qemu:///system --network bridge:br0 --cdrom=/var/lib/libvirt/images/CentOS-6.5-x86_64-minimal.iso --disk path=/var/lib/libvirt/images/bitcoin5.qcow2 --accelerate --graphics none

...

Except that your stand-alone virtual machines are going to consume about 3GB of disk space and 500MB of RAM per instance.

Docker allows a differential-style "Virtual Machine", so you have 1 base image and the actual containers are only the differences between images. Often no more than 100MB or so. And only consume the RAM and CPU needed for stuff that isn't done in the base instance. And can be defined with service levels to keep them from getting greedy.

Re: What is this? (0)

Anonymous Coward | about a month and a half ago | (#47212717)

So then use a COW image. You Docker zealots are annoying. You constantly resort to lies to justify that useless piece of crap. There's a reason no one uses it.

Re: What is this? (1)

MurukeshM (1901690) | about a month and a half ago | (#47213477)

How does using COW images save RAM? It's one of the arguments posted by GGP.

Re: What is this? (0)

Anonymous Coward | about a month and a half ago | (#47219537)

Sigh, more Docker fanboi liars. The adults in the room were talking about disk space.

Re: What is this? (1)

RabidReindeer (2625839) | about a month and a half ago | (#47220473)

So then use a COW image. You Docker zealots are annoying. You constantly resort to lies to justify that useless piece of crap. There's a reason no one uses it.

Docker does. However, it also contains load-balancing and isolation services. Also, if "no one uses it" (I do), it's because A), running multiple containers is something that's not generally necessary - or even very useful - for ordinary desktop use (but is very valuable when you're running lots of virtual servers) and B), because this announcement was for Docker 1.0, alleged to be the first fully ready-for-prime-time release. Docker is only about 2 years old, and a lot of Linux distros don't yet have subsystem support for it.

Sigh, more Docker fanboi liars. The adults in the room were talking about disk space.

Us kids also meant RAM, though. CentOS 6 needs about 512MB of RAM per instance. So 10 CentOS VMs would need about 5GB RAM plus hypervisor. 10 Docker instances might use 10MB or less, depending on what they're running.

Re:What is this? (0)

Anonymous Coward | about a month and a half ago | (#47211523)

That's already pretty easy to do with libvirt.

[multiple complex shell commands follow]

Right, very easy... and let me also guess that a couple of upgrades later, some of those commands fail with "Invalid argument" type of messages.

Re:What is this? (0)

Anonymous Coward | about a month and a half ago | (#47219575)

So you're entire argument against doing things the industry-standard, proven ways is that there might be improvements made one day to libvirt? I guess that is a valid argument since development on Docker has basically been dead for over a year while libvirt keeps making nice improvements. I just wouldn't build new infrastructure on a dead produce like Docker.

Re:What is this? (5, Informative)

gmuslera (3436) | about a month and a half ago | (#47208499)

The point is that don't create a VM. Containers runs applications in their own isolated (as in filesystem, memory, processes, network, users, etc) environment, but just one kernel, no hard reservation of memory or disk, it consumes resources pretty much like native apps.Another difference is at it just need the linux kernel, it runs where a linux kernel (modern enough, 2.6.38+) run, including inside VMs, so you can run them on amazon, google app engine, linode and a lot more.

What docker adds over LXC (Linux Containers) is using a copy-on-write filesystem (so if i get the filesystem for i.e. ubuntu for an app, and another application also tries to use the filesystem of ubuntu, the extra disk use is just what both changed, also cached disk works for both), using cgroups to be able to limit what resources the container can use, and a whole management system for deploying, managing, sharing, packaging and constructing. It enables you to i.e. build a container for some service (with all the servers it need to run, with the filesystem of the distribution you need, exposing just the ports you want to give services on), pack it, and use it as a single unit, deploying it in the amount of servers you want without worrying about conflicting libraries, required packages, or having the right distribution.

If you think that is something academical, Google heavily use containers in their cloud, creating 2 billon containers per week. They have their own container technology (LMCTFY, Let Me Contain That For You) but has been adopting lately Docker, and contributing not just code but also a lot of tools to manage containers in a cloud.

Re:What is this? (5, Informative)

Anonymous Coward | about a month and a half ago | (#47208253)

What is Docker?
Docker is an open platform for developers and sysadmins to build, ship, and run distributed applications.

How is this different from Virtual Machines?
Virtual Machines
Each virtualized application includes not only the application - which may be only 10s of MB - and the necessary binaries and libraries, but also an entire guest operating system - which may weigh 10s of GB.
Docker
The Docker Engine container comprises just the application and its dependencies. It runs as an isolated process in userspace on the host operating system, sharing the kernel with other containers. Thus, it enjoys the resource isolation and allocation benefits of VMs but is much more portable and efficient.

https://www.docker.com/whatisdocker/ [docker.com]

Re:What is this? (0)

Anonymous Coward | about a month and a half ago | (#47208423)

This is the second time Docker has appeared on Slashdot and, as before, nobody knows what it is. Is this news for nerds or a sales pitch?

The simplest analogy is that it is Git for virtual machines*.

*Not technically virtual machines but Linux containers which receive virtually no resource penalties (RAM, CPU & HD)

Re:What is this? (1)

Threni (635302) | about a month and a half ago | (#47209911)

Only because that write-up above is so poor. There's no reason it couldn't have been explained properly, is there? I know we don't have proper writers working at Slashdot but surely there's is some sort of a functioning brain between "first-time submitter #239402394032" and the "publish this story" button, otherwise we might as well just be reading whatever pops on on twitter with a #0-day-news tag.

Soulskill fails, again (1)

Gothmolly (148874) | about a month and a half ago | (#47208211)

"Linux containers are a way of packaging up applications and related software for movement over the network or Internet."

Rewritten not to be shitty:

"Linux containers are a way of packaging up applications and related software."

Re:Soulskill fails, again (2)

RabidReindeer (2625839) | about a month and a half ago | (#47211009)

"Linux containers are a way of packaging up applications and related software for movement over the network or Internet."

Rewritten not to be shitty:

"Linux containers are a way of packaging up applications and related software."

For movement over the network or Internet.

One of the key attributes of a Docker image is that's it's a commodity. Their logo resembles a container freight vessel for a very good reason.

We've had the ability to package applications for years. That's what things like debs and RPMs are all about. A Docker instance isn't merely a package, it's a complete ready-to-run filesystem image with resource mapping that allows it to be shipped and/or replicated over a wide number of container hosts, then launched without further ado. And destroyed when you don't need it any more.

...package management (-1)

Anonymous Coward | about a month and a half ago | (#47208231)

Sounds like a revolutionary idea, really. I, for one, don't have the aptitude to develop an idea like this. Wouldn't it be amazing to go make yourself a yummy sandwich while your software deploys on another computer? Allow me to feed and burp my baby while it installs? Think of the time I could save!

...

dpkg

Re:...package management (1)

Anonymous Coward | about a month and a half ago | (#47208281)

lol, you really have no idea what you're posting about do you.

What is docker? Docker is... (4, Informative)

Omegaman (703) | about a month and a half ago | (#47208297)

Docker is a lot of things, all rolled up into one so it is difficult to describe without leaving out some detail. What is important to one devops person might be unimportant to another. I have been testing docker for the past few months and there are a couple of things about it that I like quite a bit.

I have to explain a couple of things that I like about it before I get to the one that I really like.

1) It has a repository of very bare bones images for ubuntu, redhat, busybox. Super bare bones, because docker only runs the bare minimum to start with and you build from that.

2) You pull down what you want to work with, and then you figuratively jump into that running image and you can set up that container with what you want it to do.

3) (this is what I really like) That working copy becomes a "diff" of the original base image. You can then save out that working image back to the repository. You can then jump on another machine, and pull down that "diff" image (but you don't even really have to think of it as a "diff", you can just think of it as your new container. docker handles all the magic of it behind the scenes. So if you are familiar with git, it provides a git like interface to managing your server images.

It does a lot more than what I describe above, but it is one of the things I was most impressed with.

Re:What is docker? Docker is... (2)

ArsonSmith (13997) | about a month and a half ago | (#47209187)

You can almost think of it as a new compiler system that outputs a self contained application that needs to know almost nothing about the underlying system. Similar to a virtual machine appliance, but designed to be the way it is and not an addition to platform.

You can compile software and create a container that includes everything needed to run that app as part of your continuous delivery environment then deploy the docker artifact to integration testing, qa testing and then to production as the exact same object.

Re:What is docker? Docker is... (0)

Anonymous Coward | about a month and a half ago | (#47211883)

Are Dockers architecture dependent or multiarchitecture like Fat Binaries?

Sound like BSD jails (1)

Nutria (679911) | about a month and a half ago | (#47208313)

How is it different?

Re:Sound like BSD jails (4, Informative)

siDDis (961791) | about a month and a half ago | (#47210909)

It's the same thing as BSD Jails, however there is one big difference with Docker. A container/jail can be shipped to another system running a completely different kernel. This means you can create an Ubuntu 10.04 container and run it on an Ubuntu 14.04 host or RHEL 7 host.
With BSD Jails, you can only ship your jails to the same system unless you spend enough time fiddling around so you can basically do the same thing. Luckily the Docker team is already adding BSD Jails support.

Re:Sound like BSD jails (1)

jon3k (691256) | about a month and a half ago | (#47212019)

It's similar, it's a linux container technology. It also uses a couple of newish features in the kernel to give you a little more control over your containers (namely, cgroups and namesakes). But if you're familiar with containers then you already know what docker is, at the basic level.

need another name (0)

Anonymous Coward | about a month and a half ago | (#47208353)

"docker" is a man that puts his penis into another man's foreskin (it's a gay thing, don't ask). Since a lot of linux users are GLBT etc they should probably find another name.

Re:need another name (1)

Zontar The Mindless (9002) | about a month and a half ago | (#47217857)

That's Rule 34-B: Any word chosen for a software product is already in use as slang for an obscure sexual practise.

Docker description (2)

GrahamJ (241784) | about a month and a half ago | (#47208449)

From the Docker site [docker.com] :

Docker is an open platform for developers and sysadmins to build, ship, and run distributed applications. Consisting of Docker Engine, a portable, lightweight runtime and packaging tool, and Docker Hub, a cloud service for sharing applications and automating workflows, Docker enables apps to be quickly assembled from components and eliminates the friction between development, QA, and production environments. As a result, IT can ship faster and run the same app, unchanged, on laptops, data center VMs, and any cloud.

I think of it as something like a version controlled Make or Grunt script with the output being a jail. Setting up your cloud stack as a series of Docker containers makes it much easier to create, upgrade, scale and relocate your services such as web servers, databases, caches, app servers etc.

Try it, 404 (2)

smprather (941570) | about a month and a half ago | (#47208493)

Try clicking "Try it!" on their web page. Your container is lost at sea :/.

Is it like most OSX software? (1)

Camembert (2891457) | about a month and a half ago | (#47208873)

From the summary this seems like most OSX software: simply an icon with everything inside that you only need to drag to your Applications folder (or in the case of the OSX app store, the iconthat is downloaded). I've always liked this ultra-intuitive installation process.

Re:Is it like most OSX software? (0)

Anonymous Coward | about a month and a half ago | (#47209181)

Nope. Docker containers have security. This is not about things being intuitive, its about having them be secure, version controlled, isolated and robust. Not being insane to use is a side effect of that.

Have you ever looked at the junk mac applications spew around? Preferences files, applications support files, caches all over the place. Sure its not registry crap and its not created by an installer, but its still a mess, not properly isolated, and has no semblance of security. Its better than Windows sure, but its by no means an isolated container.

Re:Is it like most OSX software? (1)

Goaway (82658) | about a month and a half ago | (#47210259)

Well, OS X sandboxing fixes pretty much all of that.

Security considerations and other-than-Linux? (1)

storkus (179708) | about a month and a half ago | (#47209249)

The quality of comments on are are further proof of how far downhill /. has fallen. It's just depressing.

A couple questions pop to mind:

1. Security--how do containers, whether LXC/Docker, Jails, etc compare to true virtualization? For example, pfSense strongly argues against using virtualization in production machines not only for being slower, but for possible security risks--and a container would be even less secure than that. As an extreme scenario, what's to keep one Docker program from messing with another Docker program running under the same Docker Engine instance?

2. Will Docker only support LXC/Linux only or will it expand to support jails and such? The ability to support multiple OS containers with Docker sounds like it could be INSANELY useful!

Re: Security considerations and other-than-Linux? (0)

Anonymous Coward | about a month and a half ago | (#47209539)

1. No messing around. Containers are by definition and in reality secured against each other. Docker does not implement containers, it uses LXC. Essentially, Docker is a bunch of scripts to simplify the setup and management of LXC instances and images.

2. I am not sure, but I think to remember they have alluded to the poasibility.

Re:Security considerations and other-than-Linux? (1)

jon3k (691256) | about a month and a half ago | (#47212057)

The quality of comments on are are further proof of how far downhill /. has fallen. It's just depressing.

Ironically, this is exactly what your post made me think. It's 2014 and someone on Slashdot is asking what the performance and security considerations of virtualization are? Really? Every one of your questions is answered within about 30 seconds of Googling and reading.

Re:Security considerations and other-than-Linux? (1)

GrahamJ (241784) | about a month and a half ago | (#47214691)

The quality of comments on are are further proof of how far downhill /. has fallen. It's just depressing.

Seriously.

"zomg it sounds kinda sorta like something I've heard of before, it must suck! Thousands of devs who actually know something about it, including Google, are all wrong!!!!!1!!one"

Re:Security considerations and other-than-Linux? (1)

Lennie (16154) | about a month and a half ago | (#47215677)

RedHat added SELinux support.

Pretty certain they'll make it nice and secure.

Yes! fBp (-1)

Anonymous Coward | about a month and a half ago | (#47210053)

is mired 1n an become obseesed

Shared libraries? (1)

jeaton (44965) | about a month and a half ago | (#47212369)

So, it bundles up a binary and all of the shared libraries necessary for that binary, so that you don't end up in dependency hell. Great, except for what happens when the next OpenSSL vulnerability is announced, and suddenly you need to replace every container which has its own copy of OpenSSL, instead of the one shared system copy.

Kinda sounds like Java (1)

SampleFish (2769857) | about a month and a half ago | (#47213823)

or a centrally managed JVM. It's a little run-time environment that works on any OS. This is not a new idea but a different language. They don't specify what the app in the container is. A better platform independent solution would be very useful.

Check for New Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...