New RancherOS Offers Lean Linux Functionality Within Docker Containers (rancher.com) 49
RancherOS is a lean Linux distribution aiming to offer "the minimum necessary to get Docker up and running," and tucking many actual Linux services into Docker containers.
An anonymous Slashdot reader quotes Distrowatch:
Josh Curl has announced the release of a new version of RancherOS [which] moves the project out of its alpha status and introduces new features, including an official Raspberry Pi image... "We're especially excited about this since it offers users a cheap method of getting started with Docker and RancherOS."
No, it's lightweight virtualization / jail (Score:4, Informative)
Docker is basically the fastest, lightest type of virtualization. Mainly it gets you a reasonably secure jail. The container contains the entire userland, the whole OS other than the kernel. Some people use this to run both Debian Linux and Android at the same time. Yeah dependencies are handled too, but that's not normally the point.
Some memory is shared, sometimes uses $1 of RAM (Score:3)
Sometimes shared libraries get only one copy in memory. In other cases, you can end up using more memory. Sometimes it's worth a few extra MBs of RAM.
Personally, I've developed some expertise with kvm/qemu, so I tend to use full virtualization more often. Yes, it uses even more RAM. 512 MB of RAM costs me what, $3? I bill at $100/hour, so given the choice between using $3 of RAM or 30 minutes of my time, I'll spend the $3.
Re: (Score:2)
That 512MB RAM costs peanuts for a single virtual machine, yeah. But what if you run hundreds or more? Wasting 10% memory suddenly means you need 10% more hardware for the same number of customers if their VMs tend to have small CPU and I/O needs outside load spikes and thus need mostly RAM for adequate performance.
Re: (Score:1)
... for the same number of customers if their VMs ...
Docker is not a replacement for virtual machines. It probably isn't even secure to have multiple clients on a single Docker server, since they are less isolated than VMs.
Instead, Docker is used to bundle an environment along with an application. It's like creating a somewhat lightweight (preferably single application) virtual server image and being able to run it anywhere with no changes needed, and with any programming language and stack you want. That alone is worth the extra resources spent in many use c
Yes, unless it's many copies of the same image (Score:2)
If it's hundreds of *different* images, that's a tradeoff to consider. If it's many copies of the same image, most memory can be shared. Every approach has advantages and disadvantages.
Until you thousands of instances, the most expensive resource is probably people. RAM, CPU, and storage are cheaper than people, and you don't have to buy health insurance and other benefits for your RAM.
Re: (Score:1)
"wine" has the self-referential/recursive attribute.
Could someone please explain how "docker" exhibits this attribute.
--
I'd rather you do it wrong, than for me to have to do it at all.
Re:Docker is... (Score:5, Interesting)
Docker is a freeze dried VM with mappable ports and filesystem. It runs on several OSs on various platforms. I'm not sure what its killer feature is. It isn't just the ability to include libs with your program - it's a way to include the entire OS with your program - with all the libs and whatever else you need.
Things I do with docker:
* get rid of RVM/rbenv, NVM, and all those other version managers. Just fire up a docker container with the version of ruby/node/whaterver you want
* package up services for deployment (web apps in my case) and toss the image to devops/IT to deploy
* test tools/software I'm not familiar with - not sure if you want to install latest? fire up a docker container and take it for a spin. And when you're done testing, maybe just continue using the container.
* run things on platforms that don't support them. Want to run redis on windows? docker container. Want to run git hubflow on windows without installing extra stuff? docker container.
Re: (Score:1)
The deployment of services sounds interesting, but I have some questions.
Do you have a common system/platform guide that includes hardening etc. for all possible dev OS choices?
Do you have to have documentation for each type of possible dev teams preferred OS or is that all standardized on the dev side?
Does devops/IT apply what they want to the OS before deploying? What if it breaks?
Sorry I could be showing my age- most of my experience comes from the silo dev model (MGMT/DEV/QA/SEC). Everyone had tunnel vi
Re: (Score:2)
Some of your questions make more sense than others. In the context of deploying, docker looks a lot like a VM deployment - except instead of having to build up a VM using chef, and with all the luggage that usually entails, the docker image tends to only be running the service. Imagine a linux kernel with only one process running. So there aren't a lot of edges to harden. Usually the service image gets launched in something that looks like a DMZ behind a firewall with a loadbalancer in front of it.. In
daemons (Score:1)
Thanks to Microsoft, nobody uses the word "daemons" to refer to non-interactive background processes. Even the Linux hipsters call them "services" now.
Docker. Nice pants, you use to cover your asshole.
Re: (Score:2)
"Hacker culture" does indeed reject 'professionalism' as the word is usually associated with pretentious grandstanding over certain codes of behavior and dress. It has little bearing on the things that "hacker culture" does respect: merit, self-reliance, and a desire to learn and master.
ARM since at least 2011 (Score:3)
By 2011, Docker had ARM support.
https://github.com/docker/dock... [github.com]
Not official, been working for years (Score:2)
> isn't officially supported yet; it is in RC status. For now ... use a custom build, or build it yourself
Yes, you can either download an unofficial build or compile it yourself, like people have been doing for years now. Gmail and Google Maps were officially beta for years, not officially supported as millions of people used them. You seem to confuse "officially supported" vs "works".
booter floppy (Score:5, Insightful)
So they put their program on pid 1, on bare BIOS^Wkernel? Ah booters of the old times...
And this line [rancher.com] made me smile:
System Docker replaces traditional init systems like systemd
So CADTs are moving away from systemd as fast as they flocked to it, while the rest of us are smirking.
Re: (Score:2)
You do mean "Cascade of Dyslexic Teens", right?
Re: (Score:2, Funny)
Nice to see legacy inits like System D being deprecated in favor of more modern approaches, there will be some resistances from system d grey beards who refuse to learn new things but they should be grateful someone is developing code code for them for free. If they don't like new shiny they should fork and go away, after all the code is available.
Score: 5, Exceptional (Score:1)
Nice to see legacy inits like System D being deprecated in favor of more modern approaches, there will be some resistances from system d grey beards who refuse to learn new things but they should be grateful someone is developing code code for them for free. If they don't like new shiny they should fork and go away, after all the code is available.
Extended golf clap.
Very nicely done.
Re: (Score:1)
It's Dockers all the way down!
Re: (Score:2)
That is exactly what they are doing.
So basically... back to LXC containers? (Score:2)
Ubuntu Core (Score:2)
So this is basically just Ubuntu Core using docker containers instead of snaps?