Conversation
Notices
-
Embed this notice
Sexy Moon (moon@shitposter.club)'s status on Friday, 29-Mar-2024 03:25:37 JST 
Sexy Moon
@pingviini @i @pomstan in a lot of cases containerization is what you do when you slapped together some shit without thinking about dependencies or deployment. not always but often! -
Embed this notice
pomstan (pomstan@xn--p1abe3d.xn--80asehdb)'s status on Friday, 29-Mar-2024 03:31:46 JST 
pomstan
@Moon @i @pingviini in k8s full os images are an antipattern, actually
Sexy Moon likes this. -
Embed this notice
(mint@ryona.agency)'s status on Friday, 29-Mar-2024 03:32:46 JST 
@pomstan @i @pingviini @Moon Not sure about k8s, but last time I used docker, base alpine and debian images pulled a rather complete system, and some of the other public images like php or postgres used to be based off them. -
Embed this notice
Sexy Moon (moon@shitposter.club)'s status on Friday, 29-Mar-2024 03:32:47 JST
Sexy Moon
@pomstan @i @pingviini do you mean the preference is toward unikernels or do you mean it shouldn't have an init system in there. -
Embed this notice
(mint@ryona.agency)'s status on Friday, 29-Mar-2024 03:33:21 JST
@pomstan @Moon @i @pingviini That said, all my experience with docker comes form hosting an ochkoparasha clone that didn't have a dockerless install method at the time. -
Embed this notice
Sexy Moon (moon@shitposter.club)'s status on Friday, 29-Mar-2024 03:35:21 JST
Sexy Moon
@mint @i @pingviini @pomstan I took a multi day training course on k8s so I am not totally full of shit but I have zero practical experience, my main takewaway was get this shit away from me as fast as possible.
docker often have a package manager in there to install deps but instead of calling systemd with pid 1 you just call your program so while there's a full OS on disk in there it's not running the full OS likes this. -
Embed this notice
pomstan (pomstan@xn--p1abe3d.xn--80asehdb)'s status on Friday, 29-Mar-2024 03:36:49 JST
pomstan
init system
useless in containerd
preference is toward
...shipping an absolutely minimal os image
some insane fucks even do FROM scratch but not having shell, curl or ss inside is inconvenient
-
Embed this notice
Sexy Moon (moon@shitposter.club)'s status on Friday, 29-Mar-2024 03:38:26 JST
Sexy Moon
@pomstan @i @pingviini @mint I was autistically creating the tiniest docker images I could until I had a problem and it was impossible to debug, yeah -
Embed this notice
Sexy Moon (moon@shitposter.club)'s status on Friday, 29-Mar-2024 03:39:50 JST
Sexy Moon
@pomstan @i @pingviini @mint I have seen retarded docker images running an init system in there but I think it was Runit. -
Embed this notice
pomstan (pomstan@xn--p1abe3d.xn--80asehdb)'s status on Friday, 29-Mar-2024 03:39:51 JST
pomstan
@Moon @i @pingviini @mint systemd can't run under containerd isolation lol
-
Embed this notice
Cheetah Meld (pingviini@pleroma.shunderdo.me)'s status on Friday, 29-Mar-2024 03:40:46 JST 
Cheetah Meld
@Moon @i @pomstan To be fair, what's more military in general and U.S. Air Force specifically than stuffing a pilot into a minimum viable product and wish them godspeed Sexy Moon likes this. -
Embed this notice
(mint@ryona.agency)'s status on Friday, 29-Mar-2024 03:42:18 JST
@Moon @i @pingviini @pomstan The shit I was talking about used to launch a shell script which then starts a node process with supervisord. And yeah, it's based on debian. Sexy Moon likes this. -
Embed this notice
Sexy Moon (moon@shitposter.club)'s status on Friday, 29-Mar-2024 03:45:36 JST
Sexy Moon
@mint @i @pingviini @pomstan I think I have seen this multiple times for node apps although I admit I don't understand why, I think they are trying to avoid a full container restart (why?) -
Embed this notice
pomstan (pomstan@xn--p1abe3d.xn--80asehdb)'s status on Friday, 29-Mar-2024 03:45:37 JST
pomstan
@mint @i @pingviini @Moon lemme guess, script rendered some environment variables into a config? pretty common pattern for docker
k8s has init containers for this
-
Embed this notice
Sexy Moon (moon@shitposter.club)'s status on Friday, 29-Mar-2024 03:47:07 JST
Sexy Moon
@mint @i @pingviini @pomstan I have mostly used LXC which is containerization that does use a full init system where the internal systemd is linked to the host systemd via dbus. there are advantages to this but the main disadvantage I ran into was that the host was spewing all its systemd logs into every single container's systemd. honestly linux containers is such a buggy mess that I finally gave up on them recently and have been ripping all my stuff out of containers. likes this. -
Embed this notice
(mint@ryona.agency)'s status on Friday, 29-Mar-2024 03:50:31 JST
@pomstan @i @pingviini @Moon Yeah, it was an imageserver, and prior to launch it takes a salt string from envvar and seds a config. Basically every setting was put in an envvar, and this quickly became a sore point in case I ever needed to change them.
200117vrcteofmtzpv.png -
Embed this notice
(mint@ryona.agency)'s status on Friday, 29-Mar-2024 03:57:02 JST
@Moon @i @pingviini @pomstan All my containers are LXC, and the one Debian container I still have (I think it was due to Namecoin segfaulting when built with Alpine's libc) doesn't seem to spew anything into host's init. Maybe it needs to be set up separately, idk. -
Embed this notice
Sexy Moon (moon@shitposter.club)'s status on Friday, 29-Mar-2024 03:57:54 JST
Sexy Moon
@mint @i @pingviini @pomstan these bugs are likely at the OS level, if I were running Debian instead of Ubuntu I would probably have no problem. likes this. -
Embed this notice
Sexy Moon (moon@shitposter.club)'s status on Friday, 29-Mar-2024 03:59:55 JST
Sexy Moon
@pomstan @i @pingviini @mint running the stuff directly on the host with different users using systemd. systemd can do some of the same isolation stuff that containers do now. -
Embed this notice
pomstan (pomstan@xn--p1abe3d.xn--80asehdb)'s status on Friday, 29-Mar-2024 03:59:56 JST
pomstan
@Moon @i @pingviini @mint what are you using instead, microvms?
-
Embed this notice
pomstan (pomstan@xn--p1abe3d.xn--80asehdb)'s status on Friday, 29-Mar-2024 04:01:45 JST
pomstan
@Moon @i @pingviini @mint and no software
Sexy Moon likes this. -
Embed this notice
Sexy Moon (moon@shitposter.club)'s status on Friday, 29-Mar-2024 04:05:37 JST
Sexy Moon
@pomstan @i @pingviini @mint I just found that online community support was nonexistent, there is a linux containers forum that everybody important was in but questions sit in there for years without answers. I was running into definite bugs but the features apparently worked in other distributions.
in one particular case I was trying to use cpu affinity and cpu quota, and my containers would crash on start. unless I started them in the foreground. I found many cases where things only worked in foreground (worthless unless I want to use tmux as my init system) -
Embed this notice
guizzy (in exile) (guizzy@shitposter.club)'s status on Friday, 29-Mar-2024 05:03:20 JST 
guizzy (in exile)
@Moon @i @pingviini @pomstan I pushed clients to use Docker because I got tired of the devs blaming the hosting environment for every problem. Now they've moved on to blaming the reverse proxy running in front of the container for every problem. And producing docker container with values hardcoded inside the container that should definitely be defined outside. "Oh yeah, we'll just make a new container to move into production!" -
Embed this notice
munir (munir@fedi.munir.tokyo)'s status on Friday, 29-Mar-2024 05:19:40 JST 
munir
@mint @i @pingviini @pomstan I always look at Cyrillic characters and see English haha...
AOKEP likes this. -
Embed this notice
(mint@ryona.agency)'s status on Friday, 29-Mar-2024 22:59:01 JST
@guizzy @i @pingviini @Moon @pomstan Want to make something portable for a laugh? We had a tool for that, it's called STATIC LINKING.
-
Embed this notice
All GNU social JP content and data are available under the 