

Docker on Linode - ljoshua
https://blog.linode.com/2014/01/03/docker-on-linode/

======
nivla
Does anyone run docker on a production server? Can it be used for better
isolation and security? I am new to docker, so apologies if this turns out to
be a naive question.

~~~
odonnellryan
That's only a potential use for Docker.

Docker is awesome for several other reasons, one of which is "shipping."

Google uses not Docker (that I know of) but containers for a lot of their
development.

~~~
ihsw
> Google uses not Docker (that I know of) but containers for a lot of their
> development.

[https://github.com/google/lmctfy](https://github.com/google/lmctfy)

Interest in it seems to have died down.

~~~
dengnan
> Interest in it seems to have died down.

Not really. AFAIK, they are right now preparing the next release and there
will be a lot of activities on lmctfy in 2014.

~~~
shykes
Docker author here.

I have met with the lmctfy team, they are indeed awesome and doing very cool
work, in particular around providing a higher-level and more ops-friendly
interface to cgroups for resource limitations, one that emphasizes application
profiles and SLAs over tweaking dozens of individual knobs.

I really want to make this available as a docker backend, and they seemed to
like the idea - something was said about Go bindings possibly coming soon :)

------
odonnellryan
Hey!

When doing this, do you run the latest unit tests on the source as well? Do
they pass?

Important: If you're targeting developers, and those devs use Docker, they
might contribute to Docker. If they do, they'd need the tests to pass.

Currently, on DO, the tests do _not_ pass.

Thanks!

~~~
akerl_
The Linode kernel appears to only fail the AUFS portion, as expected:

[https://gist.github.com/akerl/8245192](https://gist.github.com/akerl/8245192)

I'm not sure how the Docker devs handle non-AUFS-related contributions from
contributors whose systems don't have AUFS (whether a failure on any tests
means they refuse to consider patches, or whether they consider the tests
relevant to the patch).

~~~
nickstinemates
> I'm not sure how the Docker devs handle non-AUFS-related contributions from
> contributors whose systems don't have AUFS

We kindly point them to our use of libdevmapper, the other storage driver for
Docker.

And I should add, we should probably refactor those tests to detect storage
capabilities like the Engine does.

~~~
akerl_
That's what I figured, and I'm glad to have it confirmed.

I've seen enough projects that have a rigid "if your dev environment isn't
perfect, your code's no good to us" mindset that I was wary.

Also, just wanted to say that the Docker installation process and the rest of
the Docker docs have been amazing. Originally, I was looking at writing a
quick guide on getting up and running with Docker on Linode, but we decided
linking the official docs made more sense considering how comprehensive they
are.

~~~
jamtur01
That's awesome to hear! If you have any feedback on the documentation or would
like to see other material please reach out to me: james.turnbull@docker.com.
Or log a ticket and cc me on GitHub: jamtur01.

------
seaghost
I'm trying to understand why people pushing using of docker in the cloud
instead of dedicated server. In the cloud it adds additional unnecessary level
of abstraction.

~~~
IgorPartola
Dedicated hardware typically has a large upfront cost. Also, it's a fixed
resource, so for some workloads the "cloud" is more flexible (whether that be
simple VPS's with quick provisioning a la DigitalOcean or AWS).

From what I understand the overhead in performance is negligible, while giving
you very fine grained control over your resources. Say you have a web
application, a front-end reverse proxy, a database, a cache, a background
worker process, and a message queue. Throw all these components into separate
containers on a single server while the load is low. Then move the DB
container into a separate VPS as your traffic grows. Or try doing an upgrade
of the message queue in a brand new container, and if it fails, just don't use
it.

Sure, you can do the same thing with a VPS, but then you are paying the per-
hour fee for it, while 99.99% of its resources will go unused.

------
SEJeff
As a longishtime Linode user, this makes me extremely happy. Keep it coming
linode. Not that pv-grub is beyond my linux-foo by any means, but after
working on Linux all day professionaly and dealing with
$latest_version_of_fedora on my home pcs, I'd rather not play sysadmin too
much more on my vps boxes.

------
saosebastiao
Sorry for being so uninformed, but is this running docker directly on the
kernel, a la CoreOS? Or is this running in a VM?

~~~
orthecreedence
The default Linode kernel (for all VMs) was updated/recompiled to support
features that Docker needs to run.

So it allows you to run Docker in an existing VM (provided you reboot the VM
with the new kernel image).

------
jaequery
shouldn't docker pretty much run on any host platform that supports modern
linux kernels (lxc)?

~~~
akerl_
Docker requires some kernel options both for networking (VLANs/etc) and
devicemapper (thin provisioning, in particular) that the Linode kernel didn't
have enabled before. You could run Docker on a Linode by using your own kernel
with PV-GRUB, but we've now flipped the right bits in our default kernel.

