[isido]

What are the main gripes against Docker? Security is one that I hear a lot, but is a bunch of Docker containers somehow inherently more insecure than running the same apps on the same host?

Docker seems to be moving forward really fast and gets a lot of hype which tend to make my old-school sysadmin self a bit suspicious, but I'd love to hear critique that is based on the actual usage. (N.B. I'm just about to start making my first Docker deployment)

[dikaiosune]

I really love Docker, but I think there a few areas where I'm not a fan. For one, if I'm using Docker on a production machine, I make sure that machine is only for Docker containers. There have been a bunch of ways to escalate privileges to the broader machine, so it doesn't seem (to me) to be a great idea to run Docker alongside other more traditionally deployed apps on the same machine. Part of that is philosophical though and I think the use cases where Docker shines dictate that it owns the box.

Many people aren't ready to further abstract away from bare metal by adding a container layer for process management on top of the operating system which may be running inside a hypervisor. And there are situations where that's problematic. So it's not a great fit there either.