
The demise of Docker and the rise of Kubernetes - al_form2000
https://thehftguy.com/2019/10/22/the-demise-of-docker-and-the-rise-of-kubernetes/
======
siquick
The real world is still very much using Docker. Infact a few companies I've
interviewed with this year aren't even using any kind of container setup and
they're doing just fine and making money.

This kind of article just adds to the Jonesing-for-shiny-things mentality that
really doesn't do the engineering world any favours.

~~~
feketegy
Not even docker, mostly AWS or dedicated servers or even VPS...

No small site needs kubernetes/docker orchestration and that's fine.

~~~
zer0tonin
Docker isn't just for orchestration. I've used it in a very small company and
even use it for personal project just because it provides me with an easy to
set up and portable development environment.

~~~
GrumpyNl
For my small personal projects, xampp is sufficient.

------
psv1
> If you’re (only) a docker expert, you’re in troubles right now. There are no
> more jobs looking for docker expertise and you’re dangerously close to
> unemployable.

This is such a silly and unrealistic argument - no one is a docker-only
expert. And docker _is_ a desirable skill, just not on its own. It's like
saying that git-only experts are unemployable.

~~~
gobins
Just speaking for myself, I have done a lot of work with docker and container
orchestration but I have not worked on k8s. I see recent job ads are more for
k8s experience.

~~~
luckylion
I'd love to see a comparison between job ad terms and popularity on stack
overflow & co. From the, admittedly little, experience I have with job
postings, I've felt that a lot of those that are actually looking to hire (and
aren't just using job ads as cheap PR/marketing) tend to be a mix of "it'd be
nice if the person knew about X", "let's make this look interesting, so people
actually bother to apply" and "hey, I've read an article about Y recently,
that's a thing, right? put it in there".

------
wooptoo
> If you’re (only) a docker expert, you’re in troubles right now. There are no
> more jobs looking for docker expertise and you’re dangerously close to
> unemployable.

> Kubernetes has succeeded where docker failed. Management buy-in.

This must be one of the silliest articles I've read in a long time. Computer
science and engineering does not revolve around the latest devops flavour du-
jour. It will be something else in three years time anyway.

The real innovation around Docker was taking existing building blocks which
were not straightforward to use on their own (linux cgroups, overlayfs) and
bringing them under a cohesive package that's accessible to any developer.

~~~
infogulch
I would say docker's real innovation was the introduction of reproducibility
to system software at the OS-level. Or, it was a vote of no-confidence in the
old way of patching/upgrading/deploying/building software. Or, static linking
won.

The Linux features like cgroups/overlayfs etc that were used to deliver
reproducibility at an acceptable performance cost are more of an
implementation detail than the actual innovation, imo. I think one of the co-
founders of docker might agree [1].

[1]:
[https://twitter.com/solomonstre/status/1111004913222324225](https://twitter.com/solomonstre/status/1111004913222324225)

------
protomikron
And yet I still have to deploy my first Kubernetes setup and have used Docker
multiple times ...

Is there some kind of "Kubernetes-light" out there? So something like in-
between running services like NGinx and Postgres on bare Linux machines and
having this (I think complex) Kubernetes setup? It's important to say that I
don't need any scaling capabilities (apart from maybe some load-balancing in
case of a machine error).

~~~
wyaeld
easiest way is just start experimenting with GKE on google cloud, and see if
it has value to you. Don't bother trying to deploy and manage it before you've
kicked the tires.

Out of the box its quite good, depending on what you are doing, once you have
cert-manager issuing you free certs, linkerd managing a service mesh, and
stackdriver giving you an entire ops stack, its a bit hard to go back

~~~
protomikron
How big is the vendor-lockin though? Let's say I want to use both Hetzner
Cloud and GCP instances - I am sure it's possible, but the question is how
much of a hassle it is ...

~~~
bonesss
That depends on your app portfolio (naturally), how impacted it is by k8s
version changes, and how much cloud specialization it requires.

You're probably better off on k8s than just about anything you didn't write
yourself wrt to vendor lock-in. The true lock-in, IME, are when you use cloud
features that aren't portable. Humble apps are fine, but ambitious apps are
bound to those ambitious capabilities.

Seen next to comparable parallel installations it's a pretty minimal of per-
environment specialization, and you can generally tweak the environments to
support transparent parallel deployments. It's the differences in how load
balancers work and which resources are immediately available that create work
since the abstraction layer may not fully abstract away the environments.

------
FpUser
This type of propaganda is an insult to human intelligence. What, the author
is hoping that the readers underwent a lobotomy?

~~~
guiriduro
Or maybe, its so obviously wrong, it must be pure clickbait.

------
jka
Docker is still pretty embedded in a lot of workflows, thanks in part to its
use by-default in many Kubernetes distributions, and the popularity of Docker
Hub - not to mention various tutorials and scripts which refer to docker
tooling.

But yep, I'd agree with the general premise here - with the emergence of tools
like cri-o[0], podman and buildah (which let you build and ship container
images without the need to run a background daemon like docker at all,
avoiding the associated operational/security/system overheads) - docker may
need to evolve or it'll quickly become less favourable.

Project Atomic[1] runs a good PPA with many of these packages for anyone
interested and using Ubuntu.

[0] [https://cri-o.io/](https://cri-o.io/)

[1] [http://www.projectatomic.io/](http://www.projectatomic.io/)

~~~
raesene9
From what little I've looked at podman, the "no daemon, rootless" story isn't
quite as straightforward as it might appear.

For starters, you couldn't expose ports as a standard user running podman last
time I used it . Also every container got it's own conmon process, so there's
still an overhead, it's just done differently.

~~~
jka
Fair point re: conmon, and yep, even in the strictest sense of the word, it is
a daemon now that I read up on how it executes the container.

I guess it's better to say that only a _monitoring_ daemon is required with
this setup (rather than all of the additional daemon services that docker
provides).

Re: rootless podman, it looks like there's a good resource to track progress
here:
[https://github.com/containers/libpod/blob/v1.6.2/rootless.md](https://github.com/containers/libpod/blob/v1.6.2/rootless.md)
\- that must be a common ask, could be interesting to track.

(I'm definitely guilty of being overoptimistic about these tools, but do hope
they improve because the principles behind them seem very sound)

------
bloogsy
A badly written, rambling article that seems to provide no insight and
declares Docker dead because k8s is the flavour of the month. I felt stupider
the longer I read on.

------
sandGorgon
Docker has not built support for cgroups v2 - which has been available in
linux for 3 years.
[https://github.com/opencontainers/runc/issues/654](https://github.com/opencontainers/runc/issues/654)

in order to force this issue, Fedora has made cgroups v2 as default and
mandatory in the new upcoming Fedora 31 causing docker to fail to run.
[https://github.com/docker/for-
linux/issues/665](https://github.com/docker/for-linux/issues/665)

Podman (and other docker equivalents) have supported cgroups v2 for years.

I suspect that k8s will move away from docker to recommending one of the
alternatives pretty soon.

~~~
raesene9
Out of curiousity, have you seen anywhere using CRI-O/podman in production in
place of Docker anywhere?

~~~
sandGorgon
[https://github.com/cri-o/cri-o/blob/master/awesome.md](https://github.com/cri-o/cri-o/blob/master/awesome.md)

there are sections on using cri-o on EKS AWS

------
pjmlp
Me not using any of them, still doing old style on-premises deployments, VM
based.

I bet in about 5 years time we will be reading a similar article about
Kubernetes.

~~~
YesSureThing
Already happening: just use serverless!

~~~
pjmlp
I guess you mean CGI.

~~~
jopython
xinetd

------
Anarch157a
For 99.9% of the uses, k8s is a cannon, while the problem you're trying to
solve is a fly.

Use the right tool for the job, please. Trying to force something, just
because it's thw buzzword of the day, will only waste money and bring
suffering.

------
gatvol
Kubernetes is a thick, complex wrapper around deploying Docker applications.

~~~
cwingrav
My opinion: Kubernetes is a simple wrapper around Docker containers, that has
a tremendous number of gotchas.

The overall concept is pretty simple: You create a deployment that spins up
pods which are your containers. You create ingress and services to direct
traffic to the pods. You configure it all with environment variables through
ConfigMaps and Secrets.

However, there are still so many one-line commands you need to add to YAML or
weird networking issues, or set of commands you have to type in each time, or
permissions that are hard to configure and manage... And creating a cluster is
a pain, unless you use something like kops. Great tool but it too takes a few
hours to figure out even the basics.

I think in time, Kubernetes will get worked out. I love the core of
Kubernetes. It took so, so long to figure out the rest.

~~~
Jedi72
Virdings law...

------
outime
I'm not particularly fond of Docker but I don't see it going away any time
soon. I acknowledge there has been alternatives around which were better in
some aspects than Docker yet haven't worked in a single company that didn't
use Docker with Kubernetes or other orchestrators (e.g. AWS ECS). Not saying
they don't exist, but it's very rare on my experience (both as fte and as a
consultant).

Also I have never met a dedicated "docker expert" as the article calls it. I
mean, is there any company out there who's hiring people that _only knows
Docker_? Does that make any sense?

Docker may get replaced by alternatives as they start getting more traction
over time but I don't think this will happen all of the sudden - Docker is
still relevant for good or for bad.

~~~
HelloNurse
It would be worrying if something as basic as Docker required an expert's
worth of arcane procedures, workarounds, tricks, ancillary tools and so on.

In my experience Docker is almost as trouble-free as it should be, with
straightforward tools to make mistakes and undo them; it requires good
engineers who know what they want, not wizards who know how to get it.

------
linuxdude314
They should have accepted the buy out offer when they had a chance, but were
arrogant and insisted that their valuation should be greater than VMWare at
the time. Of course this never really made much sense if you understand the
behind-the-scenes tech Docker uses.

This is a great precautionary tale to founders and an awesome example of
hubris at play.

Docker's biggest problem was that they provided tremendous value with their
opensource product, leaving few to have any justifiable reason to pay them
money.

They courted Riot Games for years, until finally they flat out told them they
would never see a penny from them. There are many things that can be learned
from a business perspective here...

------
tilolebo
The best reason to use Kubernetes (and in many cases the only reason) is to
boost your employability.

It gets harder and harder to find a stack that doesn't rely on it.

At my company, we chose to use ECS/Fargate when possible. It integrates nicely
with SSM Parameter Store for config and secrets, and has a simple service
discovery feature based on DNS.

A few services run on EC2 + ASG, using AMIs build with Ansible and Packer.

Are we missing something by not using Kubernetes? Is the experience so
amazing, compared to ECS? I don't care about vendor lock-in.

~~~
user5994461
Author here. It's all about employability indeed and it's sad many other
commenters don't seem to grasp that.

DevOps/SRE jobs are full on discriminating for kubernetes experience, not
docker, and preferably on their exact stack AWS ECS, EKS, GKE, etc... it can
get real tough as a job seeker if you're not on it.

------
skywhopper
This article just sort of meanders without going anywhere or providing any
insight. Certainly no new insight. Docker the company didn’t manage to solve
the right problems in time. K8s hype is through the roof.

But the irony is that the Docker infrastructure is a critical dependency for
the vast majority of K8s users. And if it falls apart, a lot of stuff is going
to break. I hope someone has some contingency plans for Docker Hub going away.

~~~
user5994461
I tried to cover that near the conclusion. It's likely that someone would
offer docker a reasonable amount because of the docker hub and the registered
users. Don't think they would sell though.

AWS, Google, Azure should already have mirrors in place for their own
offerings, should be ready to substitute to docker hub.

------
rkangel
This article makes the classic assumption that deployment of web services is
the entire world.

We use docker as part of our CI, because that's what Gitlab uses for our CI
system. It works very well. Of course we could use podman locally (and I do on
some machines), but Gitlab will still be using docker for us.

------
gbtw
On a side note most of these systems use YAML and as a dyslexic i really have
a hard time spotting indenting issues and issues where i should have been
using lists. Getting an ide with support for it doesn't make it better.

------
nickthemagicman
This is like saying "The demise of Wheels and the rise of Automobiles"

------
aliswe
I think that Kubernetes can run with CRI-O as the container engine instead of
docker, with a nice performance increase since docker is more than just a
simple runtime. Iirc it even has slots ...

------
taylodl
Well my firm, a F200 organization, is going with Docker. We looked at Pivotal
Cloud Foundry and Red Hat OpenShift and chose Docker. Why? For one it's
cheaper but the killer was with Docker EE 3.0 we get Kubernetes and Swarm. We
have vendors who are now deploying software to us using Docker and some are
using Swarm and some are using Kubernetes. With Docker we get the best of both
worlds. So it may be a bit too early to go ringing the 'Docker is Dead' bell.

~~~
segmondy
OpenShift and Docker are apple and oranges.

~~~
taylodl
I'm actually talking about Docker EE

------
shusson
Coming from someone who only uses docker for development purposes, Kubernetes
feels like an overly complicated solution for a problem that 1% of development
teams need.

------
AzzieElbab
Docker is too simple and limited to make a living off it

------
segmondy
thehftguy sometimes has very good articles, but it's obvious he doesn't
know/understand much about the container landscape. He would be correct if he
said, "The demise of Docker swarm and rise of Kubernetes"

For those that don't know, Kubernetes is a container orchestrator. That means
when you have lots of containers, hundreds or thousands and lots of servers to
run them on. Instead of wiring them manually and deploying them manually,
kubernetes make's it easy. kubernetes will decide which server to run them on
and wire them together, if a server goes down, it will restart the down
containers on new servers provided you have the capacity.

Imagine that docker is a computer program, kubernetes is the operating system.

~~~
user5994461
Author here. Thank you.

The point is really about docker, not docker swarm. Kubernetes is integrating
the whole ecosystem vertically and it's being leveraged to push out docker.
There are lots of actors at play incentivized and actively working against
docker (not just docker swarm).

I guess it's more of a business and marketing lesson if anything.

------
gvv
Docker swarm never really took off.

~~~
okusername
random networking issues

------
jannes
> If you’ve run a “apt-get install mysql” in the past decade, high chances it
> setup MariaDB instead, getting aliased and substituted transparently.

Is that true on Ubuntu/Debian? I couldn't find a source for this.

~~~
user5994461
True on Debian. I don't remember much articles or noise about it, it sort of
just happened.

One article here, debian jessie 8 is from 2015.
[https://mariadb.com/kb/en/library/moving-from-mysql-to-
maria...](https://mariadb.com/kb/en/library/moving-from-mysql-to-mariadb-in-
debian-9/)

------
ryanthedev
kube will die before docker. kube is not fun. VMware should buy docker. We
should write a much better container orchestration platform with layer 7 in
mind and multi regional availability.

------
supermatt
What are you using to build your images for kubernetes?

~~~
omgwtfbbqhihihi
a docker image

~~~
swish_bob
However at work I am explicitly disallowed to run Docker locally, and instead
I'm expected to build my images directly in my dev OpenShift environment, yes,
from a Dockerfile, but no docker-build for us ...

------
collyw
Don't most people use both together?

