A full decade since we took the 'it works on my machine' excuse and turned it into the industry standard architecture ('then we'll just ship your machine to production').
redhanuman 9 minutes ago [-]
the real trick was making "ship your machine" sound like best practice and ten years later we r doing the same thing with ai "it works in my notebook" jst became "containerize the notebook and call it a pipeline" the abstraction always wins because fixing the actual problem is just too hard.
goodpoint 2 minutes ago [-]
...while completely forgetting about security
forrestthewoods 8 minutes ago [-]
Linux user space is an abject disaster of a design. So so so bad. Docker should not need to exist. Running computer programs need not be so difficult.
esafak 7 minutes ago [-]
Who does it right?
whateverboat 6 minutes ago [-]
Windows.
3 minutes ago [-]
mrbluecoat 19 minutes ago [-]
> Docker repurposed SLIRP, a 1990s dial-up tool originally for Palm Pilots, to avoid triggering corporate firewall restrictions by translating container network traffic through host system calls instead of network bridging.
Genuinely fascinating and clever solution!
redhanuman 10 minutes ago [-]
repurposing a Palm Pilot dial-up tool to sneak container traffic past enterprise firewalls is unhinged and yet it worked the best infrastructure hacks are never clever in the moment they are just desperate that the cleverness only shows up after someone else has to maintain it.
Normal_gaussian 2 minutes ago [-]
Exactly. "so I hung the radiator out the window" vibes.
zacwest 45 minutes ago [-]
The historic information in here was really interesting, and a great example of an article rapidly expanding in scope and detail. How they combatted corporate IT “security” software by pretending to be a VPN is quite unexpected.
the__alchemist 22 minutes ago [-]
I'm optimistic we will succeed in efforts to simplify linux application / dependency compatibility instead of relying on abstractions that which work around them.
__MatrixMan__ 10 minutes ago [-]
Agreed.
I've recently switched from docker compose to process compose and it's super nice not to have to map ports or mount volumes. What I actually needed from docker had to do less with containers and more with images, and nix solves that problem better without getting in the way at runtime.
Joker_vD 15 minutes ago [-]
I am also optimistic we will succeed in efforts to properly annotate the data on the Internet with useful and accurate meta-data and achieve the semantic web vision instead of relying on search engines and LLMs.
Rendered at 17:42:07 GMT+0000 (Coordinated Universal Time) with Vercel.
Genuinely fascinating and clever solution!
I've recently switched from docker compose to process compose and it's super nice not to have to map ports or mount volumes. What I actually needed from docker had to do less with containers and more with images, and nix solves that problem better without getting in the way at runtime.