Profile: 98fa4384...
Hey #linux people, weird question:
How much would I subtly break my system by having one Arch based distro and one Debian based distro both sharing a common /home partition? :taz_laugh:
nostr:npub1l3gpk6vrudg8r67swqlex5alv9ch59s4lw46kk6hekuxe2n3aczsyqvu48
> They talk about it like it's just another installation avenue like flatpak
That's actually a very good comparison. Docker is kind of like FlatPak for servers. Although maybe more like AppImage.
As long as you have the latest image, you have the latest version of everything packaged inside it. Like any package manager, this can be automated. Everything else is handled by the OS, not Docker or the Container. That's my understanding, having only tinkered with Docker a little.
nostr:npub17j5xgxhtskpcp0kjd9ldjhm3w6ggns7kkvfp44lk4qsrdwawmjeqvd0ny5
nostr:npub1trdnqrfstufc45awha43p6xy2n0v6czuhapzh4r09hap08dg0c6s9gussx nostr:npub1l3gpk6vrudg8r67swqlex5alv9ch59s4lw46kk6hekuxe2n3aczsyqvu48 Personally I think FlatPak makes more sense, I don't think AppImage has the same sort of sandboxing which is the entire point of containers.
Unfortunately this comparison breaks down when you consider that Docker expects a sort of one-container-per-app topology, using stacks to link everything up. So a single application can be made of half a dozen containers, one for the app, one for the database, one for the frontend... All communicating on a loopback bridge network together. Updating these can be fun sometimes.
Also your understanding is good but misses some details, Docker (and the ContainerD runtime and system it uses) is doing basically all the work, the OS isn't doing anything besides cgroup separation. (And don't get me started on how Docker does storage and filesystems)
nostr:npub1l3gpk6vrudg8r67swqlex5alv9ch59s4lw46kk6hekuxe2n3aczsyqvu48
Like, okay, you *can* (and usually do) build a Docker image from some base OS, but that's really only just to give your program the support it needs to exist. A Docker container is not, fundamentally, supposed to be a VM. It's an application running in a sandbox. There is no real OS around it, besides the libraries and support files it would need to run. There are no processes besides whatever is in the CMD line when building the image + whatever else that starts up.
This removes like 90% of the OS from the OS, and not many OS updates are going to really have any effect besides major version changes or urgent fixes.
(And even for urgent fixes, you *can* modify and rebuild the image yourself just by changing the FROM line)
nostr:npub1trdnqrfstufc45awha43p6xy2n0v6czuhapzh4r09hap08dg0c6s9gussx
nostr:npub1l3gpk6vrudg8r67swqlex5alv9ch59s4lw46kk6hekuxe2n3aczsyqvu48
To add, and address a separate point:
you're trusting them to not only update their app in the container image, but every underlying utility and library used.
Most projects that I can think of, building container images usually is part of the CI/CD pipeline, and those images usually start their build with a number of apt / dnf / yum / apk / pkg / etc. invocations to pull the libs, meaning that every application update is, within a day or two, an image update, and usually a library update since it's in effect firing up a very lightweight VM, running a bunch of package installations, and then copying its own files in.
Some places even build the app in the container with the libraries to make sure it's all set up correctly for the environment, and then have a second build stage, so you're not holding all the build-time dev dependencies that it needs, but that's getting a bit besides the point.
nostr:npub1trdnqrfstufc45awha43p6xy2n0v6czuhapzh4r09hap08dg0c6s9gussx
nostr:npub1l3gpk6vrudg8r67swqlex5alv9ch59s4lw46kk6hekuxe2n3aczsyqvu48
Like, okay, you *can* (and usually do) build a Docker image from some base OS, but that's really only just to give your program the support it needs to exist. A Docker container is not, fundamentally, supposed to be a VM. It's an application running in a sandbox. There is no real OS around it, besides the libraries and support files it would need to run. There are no processes besides whatever is in the CMD line when building the image + whatever else that starts up.
This removes like 90% of the OS from the OS, and not many OS updates are going to really have any effect besides major version changes or urgent fixes.
(And even for urgent fixes, you *can* modify and rebuild the image yourself just by changing the FROM line)
nostr:npub1trdnqrfstufc45awha43p6xy2n0v6czuhapzh4r09hap08dg0c6s9gussx
nostr:npub1trdnqrfstufc45awha43p6xy2n0v6czuhapzh4r09hap08dg0c6s9gussx nostr:npub17j5xgxhtskpcp0kjd9ldjhm3w6ggns7kkvfp44lk4qsrdwawmjeqvd0ny5
Yeah, it's going to be a big trust relationship, but man... with *so* many potential moving parts, you're trusting them to not only update their app in the container image, but every underlying utility and library used.
That sounds like a lot of work for a small FOSS project to keep up with. Even then, how much behind regular OS updates will the software contained in the image be, even if you update it every week?
nostr:npub1l3gpk6vrudg8r67swqlex5alv9ch59s4lw46kk6hekuxe2n3aczsyqvu48
> Even then, how much behind regular OS updates will the software contained in the image be
Standard Docker, basically irrelevant most of the time
nostr:npub1trdnqrfstufc45awha43p6xy2n0v6czuhapzh4r09hap08dg0c6s9gussx
nostr:npub17j5xgxhtskpcp0kjd9ldjhm3w6ggns7kkvfp44lk4qsrdwawmjeqvd0ny5
I'm wary of self-hosting.
Self-hosting nextcloud, I can consider. Self-hosting business accounting?
I'm shook. XD
nostr:npub1l3gpk6vrudg8r67swqlex5alv9ch59s4lw46kk6hekuxe2n3aczsyqvu48 I mean it's not *that* bad if you have some experience. Then again, that's why VPS providers exist.
Most of my experience is in self-hostable though, I'm not one to trust data like my finances to some other company or provider that could go bankrupt overnight (ironic I know)
nostr:npub17j5xgxhtskpcp0kjd9ldjhm3w6ggns7kkvfp44lk4qsrdwawmjeqvd0ny5
Thanks. Unfortunately, the check printing is still pretty important for our business.
nostr:npub1l3gpk6vrudg8r67swqlex5alv9ch59s4lw46kk6hekuxe2n3aczsyqvu48 I wonder if anything in the awesome selfhosted list works?
I assume you already checked though.
nostr:npub1l3gpk6vrudg8r67swqlex5alv9ch59s4lw46kk6hekuxe2n3aczsyqvu48 Like 99% of that could be Firefly III (https://www.firefly-iii.org), self-hosted, web-based, complete with mobile app on F-Droid, just no auto reconcilliation and check printing.
Let me poke around.
nostr:npub1l3gpk6vrudg8r67swqlex5alv9ch59s4lw46kk6hekuxe2n3aczsyqvu48 8 hours left. 6 of those are going to be sleep.
Let's see if I've retained everything
nostr:npub1l3gpk6vrudg8r67swqlex5alv9ch59s4lw46kk6hekuxe2n3aczsyqvu48 No, I requested it literally the day I got my Tech license.
That's why I want to do this, because that means I'll have Extra within 18 days of getting Tech.