
Phusion Passenger Docker - Lazare
https://github.com/phusion/passenger-docker
======
KurtMueller
Does anybody know of any Chef/Puppet/Ansible/Salt like service for Docker
containers? Yes, I understand that Dockers are easily reproducible and you
throw them away and replace them after updating its configuration.

However, there has to be something to manage the docker containers themselves
- I imagine after 10 or so container sitting on a vm, it could get unruly to
manage by hand.

Also, I've listened to speakers that mention long lasting services (like a
database) should be handled differently in Dockerland - however, nobody I've
listened to has spoken extensively about it.

~~~
lukebennett
This is an area where there's a lot of growth in tools/services/approaches.

A couple to start you off with are Fig[1] (acquired last year by Docker
themselves) and Shipyard[2].

[1] [http://www.fig.sh/](http://www.fig.sh/) [2] [http://shipyard-
project.com/](http://shipyard-project.com/)

------
neebz
Would this work on AWS EC2 Instances?

Amazon runs it's own variation of Linux which is different from the base image
of this docker i.e. Ubuntu 14.04 LTS ?

~~~
tinco
Yes, as long as your kernel is new enough to support Docker (and that of 14.04
is) then your Docker container will run on it, no matter what the base image
is.

This is thanks to Linux' relentless binary API backwards compatibility. The
only thing your container interacts with is the kernel, and the API of the
kernel never changes, so it'll run on any Linux operating system that's new
enough to run Docker at all (and is 64-bit).

------
fit2rule
I'd love to have one of these, but for OpenResty and luvit. Lua, in other
words.

------
totallymike
I remember playing with this image back in July. It's pretty handy, and pretty
easy to get up and running. What's changed about it recently that it's getting
publicity again?

~~~
FooBarWidget
You can consult the changelog for the history of changes. Various improvements
have been contributed by the community. Things are more polished and bugs have
been fixed.

------
aliem
As I see this it's yet another attempt to use containers for virtualization.

I'm sorry if I am completely missing the point of this effort.

~~~
teh_klev
I think you are, see:

[https://news.ycombinator.com/item?id=8971353](https://news.ycombinator.com/item?id=8971353)

------
lukebennett
Generally it's best to have one role (some would say one process but that
isn't always pragmatic) per container. This approach advocates having multiple
roles within the same container (e.g. app, db).

I can appreciate the benefits of the underlying phusion-baseimage for
addressing some common pitfalls and hurdles, but this layer on top takes
things too far in my opinion. Ok, you have the option to customise it, but
that comes across as an optional extra rather than an advised approach.

~~~
FooBarWidget
This is false. This image does NOT advocate multiple roles in the same
container. Passenger-docker does NOT come with a database.

It provides the option to have memcached and Redis inside the container, but
it is optional and not installed by default. You have to explicitly enable
them.

Passenger-docker only handles a single role: the app. Depending on your
viewpoint, caching may or may not be considered to be a logical part of the
app. This is why we provide the option. But again, disabled by default because
we go for lightweight by default.

~~~
lukebennett
I didn't say that it came with a database, I said that it advocates multiple
roles per container - skim down the list of what's included and you see
multiple languages, web server, app server, aux services and tools. First
impressions are that this image is one-size-fits-all (Whilst I can perceive a
distinction myself, I can understand why others in this thread have taken this
to be an attempt at emulating a VM).

I take your point that there _may_ be situations where it's pragmatic to have
memcached/Redis in the same container as your app, and that they are disabled
by default, but I still feel the balance of the README is wrong as it doesn't
sound any kind of warning that you probably don't want to do that in most
cases.

I'd suggest the README could be improved to better communicate the intended
use cases of the images.

~~~
FooBarWidget
> and you see multiple languages

But they're not all included in the same image. We have 8 variants, 6 of which
only contain a single language. There is 1 which contains everything, and
there's 1 which contains nothing and is meant for customization.

> web server, app server

The web server and the app server are the same thing. Passenger is an Nginx
module.

> aux services and tools.

Only the minimum possible to allow regular administration, inspection and
debugging.

> First impressions are that this image is one-size-fits-all

But it is not. That's why we have 8 variants. Early in development we've
explicitly made this a many-sizes-fit-all thing.

> and that they are disabled by default, but I still feel the balance of the
> README is wrong as it doesn't sound any kind of warning that you probably
> don't want to do that in most cases.

Fair enough, though I disagree. I'd rather assume the user knows what he's
doing. If he chose to enable Redis then there's probably a good reason for
that.

~~~
lukebennett
I realise all this now. So do you - more so than most people as you're
intimately familiar with the image.

I'm explaining the impression that it gives, rightly or wrongly, to those not
as intimately familiar with it as you; those less familiar with Docker who may
read through the README and come away thinking that it's ok to mix roles
without appreciating the unwritten use cases you actually had in mind; those
newer to Docker who have a Node app and a Ruby app and think "hey, this
passenger-full image looks convenient, I'll use that" without appreciating the
implications.

> It's even better than that: Redis and Memcached aren't even INSTALLED by
> default. Thus, no warning is needed. If you don't explicitly choose to use
> them, you do not pay any price.

Doesn't say that in the README, just says they're disabled. The fact they're
not installed doesn't impact on the impression that's given.

~~~
FooBarWidget
Yes I was wrong about that last point, sorry about that.

------
whatwhynonono
Using this Docker image doesn't give you one of the big benefits of Docker:
being able to package your application in a light-weight way. This image
creates an entire init system inside of Docker! May as well just use a virtual
machine at that point.

    
    
       * Ruby: https://registry.hub.docker.com/_/ruby/
       * Python: https://registry.hub.docker.com/_/python/
       * Node: https://registry.hub.docker.com/_/node/
       * Meteor: https://registry.hub.docker.com/u/danieldent/meteor/
    

What's special about those? You get an ONBUILD version too. You can package up
your app along with Python/Ruby/Node/Meteor.

And the other dependencies (i.e. database) have Docker images of their own
that you can use.

Nice and composable, reproducible infrastructure.

This phusion-passenger-all-in-one monstrosity puts us back in the pre-Docker
days.

~~~
FooBarWidget
I am the author of passenger-docker. It is not true that this image is like
creating a virtual machine, or that it is not lightweight. The image is very-
much in line with the Docker philosophy, as I’ve described in this blog post:
[http://blog.phusion.nl/2015/01/20/baseimage-docker-fat-
conta...](http://blog.phusion.nl/2015/01/20/baseimage-docker-fat-containers-
treating-containers-vms/)

You talked about “an entire init system”, but this init system is a
lightweight, stripped down variant written especially for Docker. The entire
thing is just a few hundred lines Python script. You may be thinking that an
init system is not necessary in Docker, but that is not true, as I’ve
explained in “Docker and the PID 1 zombie reaping problem”:
[http://blog.phusion.nl/2015/01/20/docker-and-the-
pid-1-zombi...](http://blog.phusion.nl/2015/01/20/docker-and-the-pid-1-zombie-
reaping-problem/)

With passenger-docker, you only create an image with your web app in it, plus
an app server to run that web app. Nothing more. The database is still
external. Memcached and Redis are not installed unless you explicitly enable
them. The image is lightweight as you can expect from Ruby, Python and Node.js
apps.

In fact, we've explicitly split the image 8 variants, each variant containing
only the minimum possible: [https://github.com/phusion/passenger-
docker#image_variants](https://github.com/phusion/passenger-
docker#image_variants)

Passenger-docker is very much in line with the idea of composable,
reproducible infrastructure. Nothing in passenger-docker violates those
principles.

~~~
KurtMueller
Hey FooBarWidget,

I just wanted to thank you for all your hard work and for putting this out
there for people to get up and running with Docker.

Of the videos I've watched on deploying Ruby on Rails apps with Docker, this
container always gets a shoutout as an easy way to get started.

~~~
FooBarWidget
Cool, I'm glad you appreciate it and good to know it's featured in videos. Can
you tell me which videos? I'm not aware of anything like that.

~~~
KurtMueller
Here's one!

[https://www.youtube.com/watch?v=mVN7aTqr550](https://www.youtube.com/watch?v=mVN7aTqr550)

