this post was submitted on 23 Jul 2023
152 points (96.9% liked)

Selfhosted

40040 readers
658 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago
MODERATORS
 

I jumped into Docker feet first a few months ago and have not had a real good time with it. Networking doesn't make sense, I can't ever seem to access config files without dropping to su -, all the tutorials and videos I find are pretty top level and assume the user already has a firm grasp on it. It's great for drop in stuff like open speed test and Vaultwarden but I recently tried setting up dashy and I can't even find the config files to edit. The Dashy documentation says the easiest way to edit the configs is to use code-server, so I spun up a code-server VM and can't even get it to open the files because the web based VSC doesn't allow for SSH editing. There's nothing explained in the documentation beyond that.

Yes I'm frustrated but I'm not bitching as if these solutions are trash, I'm simply asking where can I go to learn this shit from the ground up? It doesn't make any sense to me from the perspective that I've approached it. Networking seems to be silly and weird, entering an interactive TTY to the container seems to be useless as there's no package manager and doesn't seem to have vim, nano, or any native way to edit configs. It's been extremely frustrating so I ask you, where can I learn what I'm doing wrong and how to properly work with Docker?

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 17 points 1 year ago* (last edited 1 year ago) (2 children)

Others have pointed out that docker containers aren't idiomatically like VMs and you interact with them differently. Some workflow tips:

  • Don't edit configs in containers. Mount your config files as a volume. Edit them from your host using your normal editor and restart your container when they change.
  • Don't exec into your running container and then try to install debugging tools as you need them. Use a Dockerfile to build an image that has the debugging tools you need and launch your container using that.
  • In general, mess with your container less while its running. Use dockerfiles, compose, and entry point scripts to set things up in your container so it's the way you want it on startup. While its running, just use docker logs to see what it's doing or run the occasional debugging command via exec if you must... but do more during container-build and startup and less after it's running. Rebuild and restart the container a lot during debugging to make your changes take effect.

The other issue in play here is that the fundamentals necessary to understand how docker containers run aren't actually docker fundamentals. They're:

  • Networking fundamentals. The container networking stack is really configurable and really complicated.
  • Volumes and config mounts are based on overlay filesystems.
  • Lots of docker issues are related to complex security systems like Linux capabilities.
  • All of these systems are configurable, and different docker setups use them different ways.

These things aren't trivial to learn, a thorough understanding of these things is the difference between a junior sysadmin and a senior one, and you WILL get exposed to them when things break. But step one in learning more is definitely to recognize that the hards parts of docker are rarely docker itself. Rather, the hard parts are their own thing. Figure out what Linux system you're struggling with and start learning about that and how docker uses it rather than narrowly focusing your research on docker itself. Anything focusing on the docker piece must necessarily gloss over the real foundations which are often very complex... so this will start you expose you to deeper material that you can assemble in your own mind into an understanding of your own specific docker setup.

[–] [email protected] 4 points 1 year ago (1 children)

@PriorProject @dartanjinn This is why OS containers make more sense to me. #LXC is all I use.

[–] [email protected] 5 points 1 year ago* (last edited 1 year ago) (1 children)

I went through that phase too, but people haven't widely adopted the idioms around immutable infrastructure for no reason. My LXC setup was more work to maintain and left me with much MUCH more upgrade uncertainty than my idiomatic/immutable container setup does. I have a deep understanding of both systems and both approaches and I would never go back to using LXC like VMs.

[–] [email protected] 1 points 1 year ago

@PriorProject it's definitely more work but it's not that much. I need to set up some more automation but currently I can keep it updated with a few scripts.

[–] [email protected] 3 points 1 year ago

I was in the process of writing basically this same post, but you've already said it very well.

Docker isn't really a technology in and of itself; its an applicable of many of the fundamental components of Linux to create a specific result. To really understand it you have to understand the technologies it's built from.

A recommendation I'll throw in here for OP is How Linux Works by Brian Ward. This book is an excellent first step in really understanding those Linux fundamentals.