Comment by hu3
1 day ago
From the article, the goal was not to simplify, but rather to modernize:
> So instead, I'd like to switch to deploying my website with containers (be it Docker, Kubernetes, or otherwise), matching the vast majority of software deployed any time in the last decade.
Containers offer many benefits. To name some: process isolation, increased security, standardized logging and mature horizontal scalability.
So put the binary in the container. Why does it have to be compiled within the container?
That is what they are doing. It's a 2 stage Dockerfile.
First stage compiles the code. This is good for isolation and reproducibility.
Second stage is a lightweight container to run the compiled binary.
Why is the author being attacked (by multiple comments) for not making things simpler when that was not claimed that as the goal. They are modernizing it.
Containers are good practice for CI/CD anyway.
I'm not sure why "complicate things unnecessarily" is considered more modern.
Don't do what you don't need to do.
1 reply →
That’s a reasonable deployment strategy, but a pretty terrible local development strategy
1 reply →
Because he spends a good deal of the intro complaining that this makes his dev practice slow. So don’t do it! It has nothing to do with docker but rather the fact he is wiping the cache on every triggered build.
Mightily resisting the urge to be flippant, but all of those benefits were achieved before Docker.
Docker is a (the, in some areas) modern way to do it, but far from the only way.
Increased security compared to bare hardware, lower than VMs. Also, lower than Jails and RKT (Rocket) which seems to be dead.
> process isolation, increased security
no, that's sandboxing.