Selfhosted
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules:
-
Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
-
No spam posting.
-
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
-
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
-
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
-
No trolling.
Resources:
- selfh.st Newsletter and index of selfhosted software and apps
- awesome-selfhosted software
- awesome-sysadmin resources
- Self-Hosted Podcast from Jupiter Broadcasting
Any issues on the community? Report it using the report flag.
Questions? DM the mods!
view the rest of the comments
Actually Docker and the success of containers is mostly due to the ease of shipping code that carries its own dependencies and can be run anywhere. Security is a side-effect and definitely not the reason why containers picked-up.
Yes, and it's much harder to achieve the same. In systemd you need to use 30 different options to get what using containers you achieve almost instantly and with much less hussle. I made an example on my blog where I decided to run
blocky
in Systemd and not in Docker. It's just less convenient and accessible, harder to debug and also relies on each individual user to do it, while with containers a lot gets packed into the image and therefore harder to mess up.There are a many container runtimes (CRI-O, podman, mirantis, containerd, etc.). Docker is just a convenient API, containers are fully implemented just with Linux native features (namespaces, seccomp, capabilities, cgroups) and images follow an open standard (OCI).
I will avoid comment what looks like a rant, but I want to simply remind you that containers are the successor of VMs (virtualize everything!), platforms that were completely proprietary and in the hands of a handful of vendors, while containers use only native OS features and are therefore a step towards openness.
I don't disagree with you, but that also shows that most modern software is poorly written. Usually a bunch of solutions that hardly work and nobody is able to reproduce their setup in a quick, sane and secure way.
Yes, that's exactly point point. There are many options, yet people stick with Docker and DockerHub (that is everything but open).
Yes... maybe we just need some automation/orchestration tool for that. This is like saying that it's way too hard to download the rootfs of some distro, unpack it and then use
unshare
to launch a shell on a isolated namespace... Docker as you said provides a convenient API but it doesn't mean we can't do the same for systemd.Completely proprietary... like QEMU/libvirt? :P
Does it? I mean, this is especially annoying with old software, maybe dynamically linked or PHP, or stuff like that. Modern tools (go, rust) don't actually even have this problem. Dependencies are annoying in general, I don't think it's a property of modern software.
Who are these people? There are tons of registries that people use, github has its own, quay.io, etc. You also can simply publish Dockerfiles and people can build themselves. Ofc Docker has the edge because it was the first mainstream tool, and it's still a great choice for single machine deployments, but it's far from the only used. Kubernetes abandoned Docker as default runtime for years, for example... who are you referring to?
But Systemd also uses unshare, chroot, etc. They are at the same level of abstraction. Docker (and container runtimes) are simply specialized tools, while systemd is not. Why wouldn't I use a tool that is meant for this when it's available. I suppose bubblewrap does something similar too (used by Flatpak), and I am sure there are more.
Right, because organizations generally run QEMU, not VMware, Nutanix and another handful of proprietary platforms... :)
I use ghcr, i have no issues pulling images from amazon ECR or wherever.
Docker got there first with the adoption and marketing.
Automation tools like ansible and terraform have existed for ages, and are great for running things without containers.
OCI just makes it a hell of a lot easier and portable
I’ve been using ansible as well and it’s great.
Successor implies replacement. I think containers are another tool in the toolkit of servers/hosting, but not a replacement for VMs
Well, I did not mean replacement (in fact, most orgs run in clouds which uses VMs) but I meant that a lot of orgs moved from VMs as the way to slice their compute to containers/kubernetes. Often the technologies are combined, so you are right.