

Docker joins the Linux Foundation - julien421
http://blog.docker.io/2013/06/dotcloud-and-docker-join-the-linux-foundation/

======
batgaijin
I'm curious why the fuck it took until 2013 to get something comparable to
freebsd jails/solaris zones.

I mean, congratulation guys, but why the hell didn't this happen earlier? I
know I'm not the brightest bulb in the room but this has been a fundamentally
dangerous feature to be missing. I don't get how anyone pretends that their
Linux boxes are secure without some extremely personal contrived creations.

~~~
e1ven
I've been running OpenVZ for years - It works very well.

LXC is built into the kernel directly, rather than a patch, which is very
nice.

So far as I can see, Docker is just some nice wrapper scripts around LXC,
nothing particularly revolutionary in and of itself.

~~~
shykes
Correct, docker is not an implementation of linux containers. The heavy
lifting is done by lxc (and alternatives like openvz).

What docker brings is a way for backend developers to package and distribute
their app into portable, sandboxed containers (think "iphone apps for the
server").

This is only possible now that linux has decent container support, because it
means the vast majority of servers out there can potentially run a docker
container unmodified.

------
general_failure
EDIT: I had previously asked what exactly Docker is.

[https://www.youtube.com/watch?feature=player_embedded&v=wW9C...](https://www.youtube.com/watch?feature=player_embedded&v=wW9CAH9nSLs)
gives a super quick overview. Very interesting technology.

~~~
shykes
Yes, that's exactly the goal of docker: "build once, _actually_ run anywhere".

Docker is a portable container engine. It gives you, the developer, a way to
package your app and all its dependencies into a portable container which can
be deployed on any modern Linux server: local VM, bare metal server, EC2
instance, doesn't matter. Containers are completely sandboxed and do not
interfere with each other (think "iPhone apps for the server").

The specificities of each machine (location, distro, storage, networking) are
abstracted away so you can focus on _what_ your application requires (a known
filesystem state, tcp ports to receive connections...) without having to worry
about _how_ those requirements will be met on each individual machine. This
abstraction is based on common unix concepts - files, processes, tcp
connections - and is therefore not language-specific, so it doesn't matter
what programming language your application is written in.

To do this, Docker relies on a recent feature of the linux kernel called lxc.
That's the part which allows sandboxing of applications from one another. The
concept itself is not new - what is new is that it is now part of the
mainstream kernel, which means almost every server in the world will soon be
capable of running docker containers - hence the exciting possibility of "run
anywhere".

~~~
chc
> _Yes, that 's exactly the goal of docker: "build once, actually run
> anywhere"._

Except doesn't it only run on Ubuntu? I looked at it to see if it might be
useful for my servers, which are running Debian Wheezy, but the "Other Linux"
instructions on the Docker site amount to "install VirtualBox and run Ubuntu"
— which, yeah, anything will run anywhere if you just run it in a VM, but that
was already true.

~~~
shykes
That's just our docs being unclear :) You can run docker on debian wheezy, no
problem.

Docker _is_ currently easier to run on certain distros than others. But it's
not because it's distro-specific. It's because it has _kernel_ requirements
which are more easily met on certain distros than others. Those requirements
are described at
[http://docs.docker.io/en/latest/installation/kernel/](http://docs.docker.io/en/latest/installation/kernel/)
(short version: aufs + lxc + (<=2.6 OR >=3.8))

~~~
tech-dragon
Clean up the docs please.

Even just a list of software and kernel deps, then instructions on how to
compile the rest of the software by hand would suffice.

For now I've had to muck around reading the Ubuntu packaging files to get a
proper idea what/how you install this thing. Which isn't cool. :-(

------
sciurus
I'm glad that dotCloud is contributing money to the Linux Foundation. I'm
curious how involved they are with linux kernel and plumbing development. It
seems like the changes coming to cgroups, for example, could be a big deal for
Docker.

[https://lwn.net/Articles/555920/](https://lwn.net/Articles/555920/)

------
kbar13
sweet! does this mean that AUFS will be included in tree?

~~~
shykes
That would be fantastic. Unfortunately I don't have the answer right now.

~~~
bradrydzewski
Have you considered using OverlayFS in a future version of Docker, instead of
AUFS? It comes bundled with Ubuntu 12.04 and higher, and my understanding is
that it could possibly get merged w/ kernel 3.10

~~~
shykes
Overlayfs has a static limit of 1 ro layer, which makes it useless out of the
box for docker. It's also less proven in production than aufs. Aufs works
great and has no decent alternative.

Merging aufs into mainline feels like the logical thing to do, but clearly
someone in the chain disagrees. It's disappointing but it is what it is.

Btrfs seems like a more likely alternative for docker.

