1 |
On Fri, Mar 9, 2018 at 11:17 AM, Alec Warner <antarus@g.o> wrote: |
2 |
> |
3 |
> In contrast with disposable containers: |
4 |
> |
5 |
> Automated build process for my containers. |
6 |
> |
7 |
> If there is a bug in the build, I can throw my buggy containers away and |
8 |
> build new ones. |
9 |
> |
10 |
> Containers are encouraged to be stateless, so logging in to the container as |
11 |
> root is unlikely to scale well; the containers are likely to remain 'clean.' |
12 |
> |
13 |
> If my containers are dirty, I can just throw them away and build new ones. |
14 |
> |
15 |
> If I need to change roles, I can just destroy the webnode container and |
16 |
> deploy a LDAP node container. |
17 |
> |
18 |
> The containers are nominally stateless, so there is less chance of 'gunk' |
19 |
> building up and surprising me later. It also makes the lifecycle simpler. |
20 |
> |
21 |
> Obviously its somewhat harder for stateful services (databases, etc.) but I |
22 |
> suspect things like SANs (or Ceph) can really provide the storage backing |
23 |
> for the database. |
24 |
> (database "schema" cleanliness is perhaps a separate issue that I'll defer |
25 |
> for another time ;p) |
26 |
> |
27 |
|
28 |
Certainly this is a great way to approach things, but it is also not |
29 |
the process we have in our handbook, and therefore it seems a bit much |
30 |
to expect users to actually be following it. |
31 |
|
32 |
If every one of our profiles shipped with an ansible config file or |
33 |
similar that just results in a working image with a few edits this |
34 |
would be somewhat more practical, though I'm not sure I've really seen |
35 |
a clean solution for something like "docker on the desktop." Docker |
36 |
won't even fetch an IP address from my router using DHCP... |
37 |
|
38 |
-- |
39 |
Rich |