

Docker Now Part Of Red Hat OpenShift - KenCochrane
http://techcrunch.com/2013/09/19/dotcloud-pivots-and-wins-big-with-docker-the-cloud-service-now-part-of-red-hat-openshift/

======
hosay123
Are you shitting me? Docker is a horrible little Go binary that doesn't even
clean up after itself properly when you CTRL+C it. It's barely documented, it
does barely anything except some macro combinations of tar+wget+lxc with a
schmoozy web site on top.

Who is pushing this thing? Why does anyone even care about it? Does anyone
even know what a Linux container is?

~~~
druiid
Well, I imagine given the current love of Docker on this site you're going to
be down-voted with a quickness, but from what I've seen and done with it so
far I really don't see the great benefit of it over standard LXC. Essentially
it's a neat wrapper and has some cool API features, but I don't see the
benefit beyond that.

Honestly if I was/am going to hitch my cart to LXC I'd probably be going the
libvirt-lxc route so I'd be dealing with something of an actual standard.

Edit: I suppose one reason people might prefer Docker over libvirt would be no
XML blegh, but it's honestly not that bad.

~~~
hosay123
It seems like the core of Docker is little more than a helper script that
should be part of libvirt or LXC proper (which btw, already has a system for
building containers from a template), but that would involve less horn-blowing
and web design than it would submitting boring, well-tested old patches
upstream.

~~~
justinsb
DotCloud have done a wonderful job of popularizing the idea of LXC containers
with Docker. I think the idea of LXC containers as software-distribution
mechanism is a great one, and I credit Docker with getting that idea into my
mind.

It is great to see that many of Docker's ideas are being implemented upstream;
e.g. LXC added support for BtrFS snapshots shortly after Docker launched.
Sounds like OpenShift is considering which Docker ideas belong in their
platform.

It can sometimes be hard to work with upstream projects, who often have a
different world-view. I do like the idea of releasing a "sacrificial lamb"
project that is a demonstration of your ideas, even if long-term all the ideas
belong upstream (i.e. LXC in the case of Docker).

~~~
shykes
I think jQuery is a good analogy. One day jquery might be unnecessary, when
all browsers everywhere implement all the high-level API goodness. In the
meantime... :)

~~~
justinsb
A great analogy. Hopefully - just like jQuery - you can get Microsoft on board
with LXC as well :-)

------
golubbe
This was an awesome collaboration. Over 15 senior contributors at Red Hat
working with us at Docker.

------
KenCochrane
Here is a blog post from docker: [http://blog.docker.io/2013/09/red-hat-and-
docker-collaborate...](http://blog.docker.io/2013/09/red-hat-and-docker-
collaborate/)

~~~
agibsonccc
Red Hats: [http://www.redhat.com/about/news/press-archive/2013/9/red-
ha...](http://www.redhat.com/about/news/press-archive/2013/9/red-hat-and-
dotcloud-collaborate-on-docker-to-bring-next-generation-linux-container-
enhancements-to-openshift)

------
shizcakes
Will you continue supporting Ubuntu / Non-redhat kernel versions as well as
previously? Or does this portend a move like what happened with Gluster?

~~~
shykes
No, Docker is not becoming red hat - specific. From a technical standpoint
this announcement means two things:

1) Docker 0.7 will run on vanilla kernels out of the box. This means virtually
all distros will be supported. It also means wider support for hosting
providers which don't allow custom kernels (Google Compute Engine for
example).

2) Future versions of Docker will _optionally_ support some of the technology
used by Red Hat - most prominently libvirt-lxc and selinux.

The more places you can use Docker, the more useful it is :) So we have no
intention of locking it into a single distro or paas.

~~~
SEJeff
I'm assuming by SELinux you mean the work ontop of SELinux for virtual
machines and containers with libvirtd named sVirt[1]?

[1]
[https://fedoraproject.org/wiki/Features/SVirt_Mandatory_Acce...](https://fedoraproject.org/wiki/Features/SVirt_Mandatory_Access_Control)

~~~
shykes
That seems like the most probable path, although I can't speak for the people
making that contribution.

What I mean, regardless of how we actually implement, is having an elegant way
to deploy containers in environments where the sysadmin relies on SELinux
contexts and labels to implement security.

------
raphinou
Any info on the switch from Aufs? What is the new solution, and how does it
compare?

~~~
golubbe
We're using device-mapper thin provisioning technology. Same copy-on-write
capabilities, but more compatible with upstream kernel versions

~~~
teraflop
Cool. Are there any open issues where those of us who are interested can
follow the details?

My main question is whether this will require users to create a fixed-size
filesystem for each container up front, like you would have to do if you were
using LVM snapshots directly.

~~~
jpetazzo
Each container will have a "fixed-size filesystem", but:

\- it will be thinly provisioned (i.e. it can be 10G or 100G but still use
only a few MB on disk if it's essentially empty, like a sparse file), \- it
can be grown easily.

On the one hand, it's a bit less convenient because you have to care about the
disk usage.

On the other hand, it's great because a single container can't eat up all your
precious disk space (and if you want to run some public/semi-public stuff
that's quasi mandatory).

If you want to check the current code, you can look here:
[https://github.com/alexlarsson/docker/tree/device-
mapper3](https://github.com/alexlarsson/docker/tree/device-mapper3)

------
Nux
This is good news, docker is getting more serious. :-) Thanks god they got rid
of aufs!

~~~
connerbryan
Why "thank god"? I'm not trying to be snarky or rude, I'm wondering what's so
bad about it?

~~~
antocv
There isnt much bad that I see about it but it isnt supported by most vanilla
kernels, so for example to get it on ArchLinux I spent a little time to get
that into a kernel, only later to find out I forgot my virtualbox modules.
Hassle.

I think the idea of unionfs should be in a kernel.

