I’m a retired Unix admin. It was my job from the early '90s until the mid '10s. I’ve kept somewhat current ever since by running various machines at home. So far I’ve managed to avoid using Docker at home even though I have a decent understanding of how it works - I stopped being a sysadmin in the mid '10s, I still worked for a technology company and did plenty of “interesting” reading and training.
It seems that more and more stuff that I want to run at home is being delivered as Docker-first and I have to really go out of my way to find a non-Docker install.
I’m thinking it’s no longer a fad and I should invest some time getting comfortable with it?
I hate it very much. I am sure it is due to my limited understanding of it, but I’ve been stuck on some things that were very easy for me using VM.
We have two networks, one of which has very limited internet connectivity, behind proxy. When using VMs, I used to configure everything: code, files, settings on a machine with no restrictions; shut it down; move the VM files to the restricted network; boot and be happily on my way.
I’m unable to make this work with docker. Getting my Ubuntu server fetch its updates behind proxy is easy enough; setting it for python Pip is another level; realising the specific python libraries need special keys to work around proxies is yet another; figuring out how to get it done for Docker and python under it is when I gave up. Why can it not be as simple as the VM!
Maybe I’m not looking using the right terms or maybe I should go and learn docker “properly”, but there is no doubt that using Docker is much more difficult for my use case than using VMs.
You are right. Either you are using docker very wrong, or docker is not meant for this use case.
You say “getting ubuntu server to fetch it’s updated behind proxy”. You shouldn’t be updating Ubuntu from inside of docker. Instead, the system should be somewhat immutable. You should configure the version you want to use as part of the Docker file.
Same with python and keys. You likely want to install python dependencies in the Dockerfile, so that you can install them once and it becomes bundled into the container image. Then you don’t need to use pip behind the proxy.
I’m not much into new year resolutions, but I think I’ll make a conscious effort to learn Docker in the coming months. Any suggestions for good guides for someone coming from VM end will be appreciated.
I learn by twiddling knobs and such and inspecting results, so having come from a tall stack of KVM machines to docker, this helped me become effective with a project I needed to get running quickly: https://training.play-with-docker.com/
You basically log into a remote system which has docker configured, and go through their guide to see what command is needed per action, and also indirectly gets you to grok the conceptual difference between a VM and a container.
Jump straight to the first tutorial: https://training.play-with-docker.com/ops-s1-hello/
Thank you for these links, they look just right. Most tutorials I come across these days are videos. Maybe they are easier to make. These tutorials that allow you to tinker at your own pace seem better to me. Will you mind if I reach out to you over DM if I get stuck at something while learning and am not able to find the right answer easily?
Sure, that’s ok. Thanks for asking.
The networking send to be where documentation for both docker and podman seem to be a bit slim, just a heads up.
Huh? Your docker container shouldn’t be calling pip for updates at runtime, you should consider a container immutable and ephemeral. Stop thinking about it as a mini VM. Build your container (presumably pip-ing in all the libraries you require) on the machine with full network access, then export or publish the container image and run it on the machine with limited access. If you want updates, you regularly rebuild the container image and repeat.
Alternatively, even at build time it’s fairly easy to use a proxy with docker, unless you have some weird proxy configuration. I use it here so that updates get pulled from a local caching proxy, reducing my internet traffic and making rebuilds quicker.
I think I’m not aware of the exporting/publishing part and that’s the cause of my woes. I get everything running on the machine with unrestricted access, move to the machine with restricted access go “docker compose up” and get stuck. I’ll read up on exporting/publishing, thank you.