this post was submitted on 09 Mar 2024
545 points (96.0% liked)

memes

10686 readers
2473 users here now

Community rules

1. Be civilNo trolling, bigotry or other insulting / annoying behaviour

2. No politicsThis is non-politics community. For political memes please go to [email protected]

3. No recent repostsCheck for reposts when posting a meme, you can only repost after 1 month

4. No botsNo bots without the express approval of the mods or the admins

5. No Spam/AdsNo advertisements or spam. This is an instance rule and the only way to live.

Sister communities

founded 2 years ago
MODERATORS
 
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 126 points 9 months ago (6 children)

It's really simple, it's a container containing a virtual os, which runs a browser and a webserver to run the app. The app connects to several external api services to do it's thing.

It's like, really simple!

[–] [email protected] 36 points 9 months ago (1 children)

I‘m very scared that this might actually be the case in some apps out there.

[–] [email protected] 5 points 9 months ago (1 children)

If they're running a virtual OS in a container, they're doing it very wrong. Containers and VMs are quite different, even on a Windows host.

[–] [email protected] 3 points 9 months ago (1 children)

I‘m not sure I understand. At least docker containers have their own os, mostly alpine linux. Dunno if that applies to other apllications.

[–] [email protected] 14 points 9 months ago* (last edited 9 months ago) (1 children)

Nah, a container isn't running nearly as much as an entire OS. Not by a long shot. The Kernel isn't there at all and the entire device stack is gone. Most don't even have an init system running like systemd. They're closer to a chroot in a single terminal than running an entire OS.

The OS flavor in a container is mostly about what flavor of supporting tools are available inside the container. Almost everything else is a thin wrapper making calls in to your host OS or container services.

[–] [email protected] 2 points 9 months ago (1 children)

Hmmm! Interesting! I knew the container shares the kernel with the host OS but I thought most of the rest would be there. I did never really have time to go through every detail tbh. Running 60 docker containers is too time consuming :) thanks for elaborating though.

[–] [email protected] 3 points 9 months ago* (last edited 9 months ago) (1 children)

Yea, I still need to learn a lot myself. Heck, I still have https://optimizedbyotto.com/post/linux-containers-docker/ open in a tab waiting to be read... For a couple weeks now. Sigh.

[–] [email protected] 2 points 9 months ago (1 children)

Dont worry. Learn as you go. I rather make projects to learn things in a practical way.

[–] [email protected] 2 points 9 months ago

I try to do both study and practice. So many things either don't exactly work as advertised, or have really obscure catches that are really difficult to tease appart yourself. So the only way to get a clear picture is to both study and practice. Then, you get to know all of form, intent, and function and not just what you can working.

[–] [email protected] 10 points 9 months ago

It probably was very simple for the kid who wrote it, just import everything and write a couple of lines to use all this stuff that already exists!

[–] [email protected] 7 points 9 months ago (1 children)

Gotta love using a base container image that is far too overkill for what you're trying to run.

[–] [email protected] -1 points 9 months ago (1 children)

I mean, isn't the entire point of a container largely non-functional compared to good deploy/install scripts? Both are perfectly capable of guaranteeing a predictable functional environment for the app. The container is just easier to use, harder to accidentally render insecure, and easier to clean up.

All of their benefits are NOT for the app itself.

[–] [email protected] 1 points 9 months ago (1 children)

Harder to accidently render insecure? My experience is the opposite, that docker style containers frequently fail to update vulnerable dependencies.

Also depending on context, I can say often the container is harder to use. Snap is probably the easiest to use of the solutions, flatpak makes cli invocation a pain, and docker style sucks entirely for interaction, but is fine if your primary interaction is via Web service once you set it up (but oh boy, adding a webui package means you get to mess with nginx or apache proxypass by hand, and each app may require subtly different parameters in proxypass).

[–] [email protected] 1 points 9 months ago (1 children)

Docker is not in a competitor for snap and flatpak. They are tackling very differend kinds of installations.

[–] [email protected] 1 points 9 months ago

The person said "containers" so I was responding to both.

However, docker containers could stand to learn a thing or two with how flatpak and snap compose a runtime. Applications can say "allow x, y, and z dependency layers to update independent of the application container", versus the docker style of the app developer must own maintenance of the entire image.

There may be reasonable differences with respect to how much of a users "real" files and environment are presented to a container in those scenarios, and functional differences like gui and networking suggesting different defaults,, but image composition does not need differentiation for their use cases.

[–] [email protected] 3 points 9 months ago* (last edited 9 months ago)

I get to witness to enterprise services flavor of that. Where the company pays software architects that aren't actually coding and coders not allowed to make architectural decisions.

You have software that takes http? You need to rewrite it so that you only speak rabbitmq, and use it for every http request or Web socket message, don't worry, we have a team that specializes in making http translate to rabbit mq, so you only have to rewrite the server code, another team will handle the http listener that translates to you.

What's that, you have a non http protocol? Well, the other team isn't scoped to handle that, so you'll need to convert your listener to rabbitmq and create a whole separate container to actually receive the packets in udp and then translate to rabbitmq. No "processing" software is allowed to speak anything but rabbitmq, and network listener containers are only allowed to dumb receive and Forward.

[–] [email protected] 3 points 9 months ago* (last edited 9 months ago)

It also sends your IP and location to Firebase, because the response comes as a push.

Every third time it outputs an ad text and plays an audio ad in the background.

[–] [email protected] 2 points 9 months ago

Tech hipsters be like: you had me at container!