[talk] Containerization
Pete Wright
pete at nomadlogic.org
Sat Apr 8 12:04:55 EDT 2017
On 04/08/2017 07:01, Edward Capriolo wrote:
>
>
> On Sat, Apr 8, 2017 at 9:38 AM, Jesse Callaway <bonsaime at gmail.com
> <mailto:bonsaime at gmail.com>> wrote:
>
>
>
> On Sat, Apr 8, 2017 at 12:19 AM, Sujit K M <kmsujit at gmail.com
> <mailto:kmsujit at gmail.com>> wrote:
>
> On Sat, Apr 8, 2017 at 4:17 AM, Mark Saad <mark.saad at ymail.com
> <mailto:mark.saad at ymail.com>> wrote:
> > All
> > I have a thought experiment head over to
> http://99percentinvisible.org/
> > and listen to the current talk on containerization ; and how
> it transforms
> > the dock cities . It has some good background on 70's urban
> blight with the
> > decline of the dock worker jobs and how this drags the
> related economies
> > down . So now think about how this works with regards to
> computer
> > containers. Does docker / vms supplant the old way of by
> hand rolling
> > software ? Do we loose admin jobs like we lost longshoreman?
> Is a super
> > container ship on the horizon for operating systems. It's
> damn interesting
> > to think about . Does the shipping industry parallel
> developers and
> > administrators dealing with docker and vms ? You decide .
> >
> Too Much Automation?
>
> _______________________________________________
> talk mailing list
> talk at lists.nycbug.org <mailto:talk at lists.nycbug.org>
> http://lists.nycbug.org/mailman/listinfo/talk
> <http://lists.nycbug.org/mailman/listinfo/talk>
>
>
>
> I used to work for a small web design firm that needed someone to
> manage their TWO servers, to cram all the customers we could into
> one box and help troubleshoot email issues, as their dedicated
> sysadmin. I had seriously a single 100 line bash script that did
> my job, and the rest of the time I spent tuning our phone system
> to improve call quality to the SF office.
>
> Eventually I had to quit because they couldn't make payroll during
> a lull in acquiring customers. I don't think this position is
> available anymore, but the good news is that the people working
> there continue to make great custom websites. They have absolutely
> no need for someone in particular to maintain an operating system
> on a given piece of hardware, and that's great for their business.
>
> Now at my current position we have a very small team who manages
> quite a large amount of infrastructure. Millions and millions of
> dollars of hardware and networking. However, I've never seen any
> of it. Someone DOES have the job of racking it all up and
> replacing broken hard disks on the SAN, but I'll never know who or
> even what brand of disks they use or even what type of SAN. There
> are fewer of these jobs per resource managed due to increased
> efficiency, I would assume.
>
> So that small business admin maintaining a LAMP platform is gone.
> That job doesn't exist. Soon enough, and it's happening right now
> at my employer, the dedicated DevOps team also will go. Their jobs
> will be given to three positions which will not go away.. the
> accountant/controller, the security chief (one person), and the
> application developer who is also interested a bit in plumbing.
>
> Remember what "computers" used to be when they were people? No,
> nobody does. Yes the traditional sysadmin has been replaced by a
> computer program. There is a rack-and-stack person and a person
> who designs datacenters and a person who ensures uptime and
> someone who makes sure the VPN is up. But nobody is upgrading
> Apache in-place and crossing their fingers.
>
> --
> -jesse
>
> _______________________________________________
> talk mailing list
> talk at lists.nycbug.org <mailto:talk at lists.nycbug.org>
> http://lists.nycbug.org/mailman/listinfo/talk
> <http://lists.nycbug.org/mailman/listinfo/talk>
>
>
> Think about this: FreeBSD ports vs Fedora packages, vs Debian
> whatevers, vs mac freshports. The industry was wasting a lot of time
> packaging and re-packaging things.
>
> I used to use linux vserver which had a similar system to create
> containers: vserver --create --name mything --ip 34.34.34.34 --src
> rsync:/myweb/server/
>
> Docker just become an easy efficient way to share packages. It lets
> the people who build the software build a package and distribute to
> all people that have docker. This is much more efficient then having
> every distro of every unix/linux build a package ./configure && make
> && make install && customize.
>
> That is why it is winning. Speed/cross platform/ ease of use.
>
> Take for example a piece of software like c-actor framework. The
> freebsd port struggles somewhat because none of the devs are on that
> platform. The user really does not want to take up that burden, they
> just want to use it. If a docker exists you just use that on any
> platform and you can deploy it to amazon container service as well
> your going to be more inclined to use that then to get sidetracked
> into fixing a port which is not actually what you want to do.
>
>
meh not sure i really agree here - i've seen people struggling to use
docker in prod (both standalone as well as using Mesos/DCOS and
Kubernetes) and really they spend more time fighting their tools than
actually administrating and understanding their infrastructure. The
DCOS team has done *3* complete delete/reinstall cycles because it's
"easier than upgrading" - i.e. they have no idea as to how their
infrastructure is actually being build. why are they using DCOS - they
think they want zookeeper/ha-proxy etc but have no idea as to how to
admin it. not really a good recipe for stable infrastructure.
the pure docker team as far as i can tell doesn't have a handle as to
what bits their images are being built with. oh ssl vuln we need to
patch, well time to rebuild all our docker images and re-deploy an
entire new stack and hope i didn't miss any systems. oh admin left or
cycled ssh keys, well configuration management is for fools - we'll just
redeploy our entire docker infrastructure.
imho there may be valid use cases for jails/containers - but i've rarely
seen it implemented correctly. and when i do see it implemented in a
sane manner it really does look like traditional systems architecture
containing:
1) configuration mgmt is in place with strong auditing/reporting
2) detailed auditing of software installed using either native or
software stack (pip, npm, etc.) packages
-pete
--
Pete Wright
pete at nomadlogic.org
@nomadlogicLA
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.nycbug.org:8443/pipermail/talk/attachments/20170408/eb2db13c/attachment.htm>
More information about the talk
mailing list