• nous@programming.dev
    link
    fedilink
    English
    arrow-up
    74
    arrow-down
    3
    ·
    1 month ago

    Um no. Containers are not just chroot. Chroot is a way to isolate or namespace the filesystem giving the process run inside access only to those files. Containers do this. But they also isolate the process id, network, and various other system resources.

    Additionally with runtimes like docker they bring in vastly better tooling around this. Making them much easier to work with. They are like chroot on steroids, not simply marketing fluff.

    • Markaos@lemmy.one
      link
      fedilink
      arrow-up
      15
      ·
      1 month ago

      The author acknowledges that, the blog post seems to be aimed at demystifying the concept of namespaces by showing that a “container runtime” that only does limited filesystem namespaces (using chroot) is enough to get some widely used containers running (of course without all the nice features and possibilities of the other types of namespaces)

    • monk@lemmy.unboiled.info
      link
      fedilink
      arrow-up
      1
      ·
      1 month ago

      Yeah, and this brings no tangible UX or security benefits and is only ever used because last-century package managers can’t manage packages, containers are glorified chroots.

  • Vendetta9076@sh.itjust.works
    link
    fedilink
    arrow-up
    39
    arrow-down
    4
    ·
    1 month ago

    First of all: no, and repeating this nonsense over and over doesn’t make it any more true.

    Second of all: I truly will never understand the hatred some people have for docker. If you prefer all bare metal install, then fine. But constantly shouting from the rooftops how useless and bad docker is seems a little silly.

    • Solumbran@lemmy.world
      link
      fedilink
      arrow-up
      21
      arrow-down
      4
      ·
      1 month ago

      Containers are fine but docker is a pain in the ass that lazy people use when they don’t want to provide clean installation/packaging.

      How many times have I seen an equivalent of “we use a custom fork of an obsolete version of an unmaintained package, so if you want to compile it yourself good luck because we forgot how we even did it. Alternatively, you can install the docker version”…

    • lengau@midwest.social
      link
      fedilink
      arrow-up
      4
      arrow-down
      1
      ·
      1 month ago

      Containers are great, but I find Docker’s way of making container images to be pretty bad, personally. Fortunately you can use other tools to create OCI images and then copy them into Docker, as the runtime is pretty nice for dev machines.

  • 𝘋𝘪𝘳𝘬@lemmy.ml
    link
    fedilink
    arrow-up
    13
    arrow-down
    1
    ·
    1 month ago

    So they say I can run a dozen of different web applications on the same machine all on the same port internally and different port externally and have a reverse proxy forwarding the traffic to the correct port based on the hostname it was called with by simply using a bunch of chrooted environments?

    • IsoKiero@sopuli.xyz
      link
      fedilink
      English
      arrow-up
      8
      ·
      1 month ago

      Not that it’s really relevant for the discussion, but yes. You can do that, with or without chroot.

      That’s obviously not the point, but we’re already comparing oranges and apples with chroot and containers.

    • nickwitha_k (he/him)@lemmy.sdf.org
      link
      fedilink
      arrow-up
      2
      ·
      1 month ago

      Without the chroot, that’s how shared webhosting works but it can be hundreds or thousands of sites, depending on resource usage and server capacity.

  • SavvyWolf@pawb.social
    link
    fedilink
    English
    arrow-up
    4
    arrow-down
    1
    ·
    1 month ago

    Honestly, since getting into NixOS, I’ve found that much more of an elegant system than Docker or whatever.