Hacker News new | comments | show | ask | jobs | submit login
Hitler Uses Docker, Annotated (zwischenzugs.wordpress.com)
177 points by slyall on July 31, 2016 | hide | past | web | favorite | 49 comments

Best moment:

"I'll move everyone to windows!"

-> Girl crying

-> "Don't worry, you can use bash on Windows 10 now".

I lost it at that one!

Kidding aside, this is highly educational.

also made me crack up.

"You think everything in [a] public repo is secure because it's OSS?!"

The original line was:

"Everybody has been lying to me. Even the SS!"

The timing of the "SS" part matches almost perfectly. That was a really nice touch. Bravo!


"You don’t even run your own machines anymore! People run on GCE, in VM instances that run in Linux containers on Borg!"

Or just use zones or jails. They don't solve all your problems, but they ARE secure, and you don't have to run them on a vm in production.

Just sayin'.

You know Oracle is about to release a Docker for Solaris port? Using zones? Docker is a set of tooling that makes process isolation technology easy to use, if you don't like Linux that is a different issue.

I'm not sure Docker makes isolation and resource constraints significantly easier, compared to pre-existing technologies (OpenVZ, LXC) - such things were already very easy to use with those. Maybe Docker makes some things even easier, but just slightly - like pre-configured port forwarding.

Moreover, I'm not really sure Docker is about isolation any much. I think I've read that I shouldn't rely on isolation it provides.

The essence of Docker, as I get it, is mostly about the image/layer-based dirt-cheap packaging, playing well on the deficiences of most commonly used packaging systems (dpkg, rpm, pacman), like inability to have multiple versions of the same package set up at the same time.

I even use docker in hobby-projects, because it makes (once you have figured it out) deployment so easy. Its easy to ship, update and ships fully configured (especially if you the debug and production docker-compose share a common root).

It still sometimes happens that i am amazed how easy it is. A few weeks ago i switched servers for a small project and docker-compose up was all i needed to do.

How do you manage secrets (e.g. passwords or keys)?

I was puzzled by this and came to the conclusion Configuration Management [CM] is best left to the actual CM tools, and Docker just isn't one.

That was in the days docker-compose wasn't even a choice for me, because docs explicitly said that it's not for the production - but even now I don't see a sane way to automatically (re)configure 2-3 hosts[1] in with a single CLI command (and keep the secrets defined in one single "master" place that's outside of version control) with the Docker-provided toolset. Which is dead easy with Salt or Ansible (+bare Docker, of course, since it's Docker containers that are deployed)

(Haven't looked into recently-introduced Docker Swarm, though, maybe they have something there.)

yeah, thats still not easy (or trivial, its not hard) for larger projects.

I use environment variables for smaller projects, i have predefined environment variables for the images that get substituted for the real thing by docker compose, which in turn uses environment variables (here is an example: https://github.com/intellimate/Server/blob/master/image/comp...).

For larger projects i would use docker-swarm or kubernets, they have their own solution.

I tried lxc around the same time as docker and the experience was like night and day.

Experience - yes, but in which area?

Compared to LXC templates, Docker provides quite nice UX in terms of image building and management. Well, as long as one doesn't hit any limitations or their scenario doesn't have some corner cases, but that's the same for every tech out there.

However, GP mentioned "process isolation technology" and I don't think this is where Docker particularly excels above any other isolation technology out there. When you have the container prepared (this is where Docker's UX excels, compared to others), isolation is easy with nearly anything.

Well, I was talking about Docker's implementation on Linux. Which has had some quite nasty security issues in the past. Although it is getting better...

You can like Linux and zones at the same time, thanks to lx-branded zones in SmartOS.

> and you don't have to run them on a vm in production

You don't need to run Docker in a VM either unless on a non-Linux platform.

You're right. Sorry. Mistyped.

Although it seems Docker's security has also improved of late...

The best part of this is that buddy spent first 15 seconds of the video explaining the system improvements they made before getting to what was essentially "by the way we had 70% unrecoverable data loss". haha!

What's the point of using Hitler?

It's a long-running meme to use this movie clip and subtitle it in different ways. Some do a better job than others. My personal favorite is Hitler uses Git[1].

[1]: https://m.youtube.com/watch?v=CDeG4S-mJts

I can never enjoy these clips since I speak German. So I can't read subtitles that say other stuff than what the people in the clips say.

I guess it is something one has to learn.

I do speak German and can still follow, because in Portugal we always subtitle except for children movies, so we learn to selectively pay attention to either subtitles or audio depending on the movie and our language skills.

As far as I am aware this happens in all countries that have a subtitles culture, instead of dubbing like in Germany.

However I am also not a big fan of these clips, given the historical relationship. Not sure how much one should actually it for jokes.

"However I am also not a big fan of these clips, given the historical relationship. Not sure how much one should actually it for jokes."

Grey area for me. It's a fictional work, AFAIK, based on some evil shit in history I generally don't joke about. The scene is nearly perfect for remixes to the point many great ones have been made with it. SO, on other hand, maybe remixing his downfall in educational and entertaining ways isn't so bad after all. :)

mute button?

Saving Private Ryan dubbed in German was very confusing too. :)

That one had me nearly spitting coffee. Thanks haha.

Thanks. So it's a meme about apportioning blame.

It still seems weird to joke about Nazis.

No, its the right thing to do. If you joke about something, it looses its mystizim, its dark alure. No one wants to worship some meme.

Its similar with "Mein Kampf", Hitlers book. In Germany, the copyright ran out and it was sold again on Amazon. However now people see, how batshit crazy the guy was and what a shitty book it is. It lost most of its appeal.

As German, I say: Bring more Hitler jokes. Bring all you have.

Sure. But this meme isn't about how batshit crazy Hitler was. It's about how incompetent his generals etc were. He gets to make the cutting observations. In contrast, the fictional musical "Springtime for Hitler" in Mel Brooks' "The Producers" does make fun of him.

You are right. Normally in these spoofs Hitler reacts to some outside force shattering his dreams. The outside force usually being a corporation producing a movie or video game, the dreams shattered being his expectations of that movie or video game. In this instance he is just ridiculing his generals and I guess the general Docker community.

If the meme was applied properly it would be Hitler himself who set up the Docker cluster, and the generals informing him of the ways it failed. His monologue would be about his own expectations of the greatness of Docker and how the Docker team or cgroups abstractions failed him.

The difference is subtle, but it's definitely true that in this application Hitler is not ridiculed, which makes the whole bit more awkward and less funny.

First one I saw was this cloud computing smear by Marcus Ranum:


It's cool to hurt people.

Edit: This is sarcasm.

Poe's law, my friend.

I get it is 'funny meme', but it is getting a bit old.


1) Take any trending tech, write a cynical piece about it. 2) Post to Hacker News 3) Repost to Hacker News 4) Rake in the internet points.

Improved experience? No. Suggested alternatives? No. Made the world a better place? No. Helped original OSS authors out? No.

Had Fun? Maybe.


Wrote a book about how to use docker effectively that you can see at the bottom of the post? Yes.

Didnt read the article and came to HN to make a pithy post? Yes.

Achieved the goal intended. Not really.

>Improved experience? No. Suggested alternatives? No. Made the world a better place? No. Helped original OSS authors out? No.

Sometimes pointing the idiocy in a new development (and the IT world is a set of one BS snake-oil cure after another with some decent technology slowly progressing intermingled) is enough to make the world a better place.

Docker is a well funded enterprise, they can stand a little ridicule - especially when it points out existing, as of yet unsolved issues. You may dislike the form in which the message was delivered but a farce can be quite educational while still being funny.

This isn't even a critique/ridicule of Docker. It's an explanation of the technologies and names used in the satirical video.

The author, Ian, actually does a great job of explaining Docker and it's use in this post.

Actually the video's OP also released this: http://slides.com/nukemberg/docker-the-fine-print#/ which is highly educational and recommended

Oh well. He released it on hipsterish javascript-driven trendy-fonts-everywhere fancy-navigation site-nobody-knows-about instead of just make a darn PDF.

Maybe because it was created as a presentation and the author shared his slides for everyone's benefit.

> Take any trending tech, write a cynical piece about it.

I think you misunderstand the situation. Ian Miell, the author of the blog post, wrote an analysis and explanation of a joke video created by someone else, Avishai Ish-Shalom.

Not being familiar with Docker, I found Ian's explanation and honest acknowledgement of its downsides and limitations to be very informative.

>Made the world a better place?

It makes developers just a little more skeptical of the latest hot new thing it probably has made the world a better place.

Today's overhyped technology is tomorrow's legacy garbage.

If you understand German, this video is not fun at all.

I can't follow what's written in subtitle. I really tried hard, but no - my mind doesn't follow subtitle. What's the point of doing so with audible audio?

For those who don't speak German, hearing the tone of voice is part of the joke. For some comments he's angry, for some he's defeated. Body language alone would capture some of that, but the tone is quite helpful.

You must be fun at a party...

Applications are open for YC Winter 2019

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact