Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

> ...but standard VMs allow the use of standard operating systems that solved all the hard problems decades ago, whereas Docker is struggling to solve those problems today.

What are these supposed "hard problems" the author speaks of?



Sandboxed, consistent environments to run code in?


Although with recent adventures in speculative execution, that sandboxing isn't quite as 'solved' a problem as previously thought


All this money should have been spent on developing new, improving existing or switching to better (operating) systems which solve the resource and communication security problems, instead of creating another inner-platform effect.

I hope WebAssembly goes in this direction, instead of trying to adapt to current programming language paradigms.


>All this money should have been spent on developing new, improving existing or switching to better (operating) systems which solve the resource and communication security problems

But this isn’t the problem Docker is trying to solve. It’s just a problem that Docker needed to solve in order for their product to be useful, this is completely transparent to Docker users. Docker abstracts away a whole bunch of work you’d otherwise have to do to implement repeatable builds, it makes those builds widely distributable, and (depending on how you choose to use containers) can also simplify some capacity planning problems.


I thought Docker builds are not generally repeatable, since they often `apt-get update && apt-get install`, which depends on the current state of external package management?

They are definitely not reproducible in the sense of building bit-for-bit identical containers, unless you use Bazel.

That being said, I've found Dockerfiles to be a much more reliable build process than most others (recently struggled to get through LogDevice's cmake-based build.. ugh).


You’re correct, but how reproducible you’re builds end up being depends on how you use it, and how reproducible you need them to be depends on your use case. Maybe a particular use case wouldn’t fit in very well, maybe it would be better served by using something like packer, maybe your dependency management requirements mean you should use something like artifactory. No technology is going to be suitable for everybody’s needs, but Docker provides enough value to enough people that it’s found a place in the market. If it Docker dies, I’d imagine it would be because it was replaced by something better, not because people suddenly realized that they weren’t getting any value out of it.


and environments as code




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: