|
|
|
|
|
|
by ChoHag
3541 days ago
|
|
|
We already did the containerisation of everything (except we didn't lie to ourselves and just called them the processes they are) and discovered flaws along the way, fixing most of them. Docker wants to find the flaws on its own, so is repeating the last ~30 years of software distribution development. Every problem containerisation discovers has been discovered. Every flaw it fixes has been fixed. All that is achieved by the modern insistence that containerisation is in any way something new is a larger attack surface. The ability to return to "some fixed point" has always been present and simple. Judging by many years of building other people's software, for fun or profit, developers simply don't bother to do so. None of my work is ever release without returning the system to a known state in order to run the necessary barrage of tests (which, developers take note, includes TESTING THE GOD-DAMN INSTALLATION DOCUMENT) and I've achieved this without the need for chroot, whatever its name du juor. /rant |
|
|
I get the sense that you feel it was always possible if upstream developers took the time and effort.
Which strikes me as a quite different approach to snapshotting filesystem layers.