Friday, October 2, 2015

Could the Docker bet be wrong? "The mythical man-month applied to sysadmins too."

What would happen if the Docker bet was wrong? First of all companies like VMware and OpenStack support Docker as a "me too" as far as that does. Beside rkt(Rocket) there isn't much competition. (Ubuntu has something called LXD and NixOS, Systemd, and a few other teams have wrappers around LXC. Docker is also trying to wrap itself in legal armor and it's moving from free/open to pay for play.) It's clearly all too confusing. So many companies are wrapping themselves in the multicolored robes of docker and the rest are simply hedging their pets.

Let's do a little shoestring and paper napkin analysis:

  • Docker claims to remove the duplicate features in running a proper OS per application by sharing the kernel with the host. Thus reducing the overhead and energy spent. So I ask the question: "If you're running a vannila Ubuntu in a Docker container just what is the savings? Phusion has already made certain claims about the number of daemons running and why their distros are better. Unless you are running a Scratch or possible Busybox guest you're not saving all that much compared to ESX which really does not have a host OS although it is a shim of sorts.
  • Docker security. Non existent and has a very high dependency on single source and 3rd party sourcing of dependencies and tools. It's simply nothing that can be audited. Apcera does some things right but it's too expensive and has not competition. I cannot get locked in that one trick pony.
  • Docker dumped the free boot2docker in favor of the not so free toolbox. 'nuff said.
  • While all this chroot and jail stuff is fun to play with can I really save my company money? fleet is a nice orchestration tool. Now that I have my apps written in go they port and schedule nicely. I could do more with my app and less with my containers.
  • Disaster Recover
  • lights out bootstraping
  • rkt, nspawn (said that already)
  • backups, shared volumes, hosted volumes
What am I forgetting?

Oh yeah, there are way too many sysadmins and devops that are good enough at their jobs that for all but the most seasoned paper dragons would probably rather spend their time hardening their current environment rather than rebuilding it from scratch.  The mythical man-month applied to sysadmins too.

UPDATE: if you really want to go bare metal you gotta try erlang on xen or elixir on xen. But one other advantage that I really didn't cover is that VMware and it's competition already have a class of tools that Docker is trying to attain. Trading chef, puppet, ansible orchestration for Dockerfiles or appc is ok but again why. You can do the same thing with simple perl, python and bash. Installers have been around a long time. And bootstraping too.

No comments:

Post a Comment

dead pixels

I have never had a dead pixel so when I read: Small numbers (1-3) of stuck or dead pixels are a characteristic of LCD screens. These are n...