Comment by otabdeveloper4
4 months ago
> Containers randomly break or bitrot?
All the fucking time. Maybe it's possible to control your supply chain properly with containers, but nobody actually does that. 99% of the time they're pulling in some random "latest image" and applying bespoke shell commands on top.
> I don't know what is meant by "system setup" here, and "arcane" is subjective.
Clearly you've never debugged container network problems before.
> but nobody actually does that
They do. I assure you.
> they're pulling in some random "latest image"
Hardly random. Vendoring validated images from designated publishers into secured private repos is the first step on the supply chain road.
> Clearly you've never debugged container network problems before.
Configuring Traefik ingress to forward TCP connections to pods was literally the last thing I did yesterday. At one time or another I've debugged all the container network problems for every widely used protocol in existence, and a number of not so common ones.
> first step on the supply chain road
99 percent of Docker container users aren't on the supply chain road. They just want to "docker pull", #yolo.
> Configuring Traefik ingress to forward TCP connections to pods was literally the last thing I did yesterday
Docker does crazy insane modifications to your system settings behind the scenes. (Of which turning off the system firewall is the least crazy.)
Have fun when the magic Docker IP addresses happen to conflict with your corporate LAN.
Feel free to have whatever problems you enjoy with Docker and its users. The discussion was about containers and their security, reliability and usability, and there I haven't found one thing you've written that made any sense. Your conflation of Docker with all of this is a strong clue that your actual knowledge on the topic is limited.