by josephg 1320 days ago
An rpm just needs to add the missing scripts and binaries to your existing operating system. It doesn’t need a full mini OS image to run. So an rpm will be ~2mb while a docker image of the same thing might be 150mb. Rpm and deb packages also usually contain startup scripts so any services can be set to start when your computer starts. And they can put log files and database files in your regular filesystem without any special nonsense. They run with (generally) user level access permissions, which are much more battle tested than root permissions through lxd. And they have full access to the computer’s networking devices.

Rpm/deb packages can also install man files, command line tools, gui apps, and so on that can run directly in your operating system.


As a counterpoint, a disadvantage of deb/rpm is that the installed code can actually scribble crap anywhere it likes in your system. Did you just install a setuid program? Did it just install a service? Who knows!

As much as I’m not a fan of Docker, it does isolate the container’s file system and other resources from the OS, something that deb/rpm/brew etc don’t do.

I’ve been meaning to check out Nix for a while for this exact reason. I want the state of my operating system to be a simple state machine managed by a package manager. Right now the filesystem on Ubuntu and friends feels like a horrible mess of random stuff. You end up in a different OS state if apt fails halfway through installing, or if you install an old package, configure it then upgrade it vs installing a new package. The classic “make install” just puts files wherever it wants. And then there’s the layered complexity of language-specific package managers - which are needed because apt isn’t up to the task.

This is one big advantage of docker. Applications are actually portable and isolated. We need more of that in our Linux distributions.

You can unpack those formats with `bsdtar xf PACKAGE` and that's something that is much harder to do with Docker.

I'm not sure if I understand the advantage here. Aren't container images trivial to export? I've done this many times as part of build pipelines
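
The questions raised in the thread above ("Did you just install a setuid program? Did it just install a service?") can be answered before installation by reading the file list of the package payload. This is an added example, not part of the original thread: it assumes the payload is available as a tar archive (for a .deb, the data.tar.* member), and the sample archive and its file names are constructed.

```python
import io
import stat
import tarfile

# Payload paths that register a service or scheduled job on the host.
SERVICE_PREFIXES = (
    "lib/systemd/system/", "usr/lib/systemd/system/",
    "etc/systemd/system/", "etc/init.d/", "etc/cron.d/",
)

def audit_payload(fileobj):
    """List setuid/setgid files and service files in a payload tar, unextracted."""
    findings = {"setuid": [], "setgid": [], "services": []}
    with tarfile.open(fileobj=fileobj, mode="r:*") as tar:
        for member in tar:
            # Package payloads usually store paths as ./usr/bin/...
            path = member.name[2:] if member.name.startswith("./") else member.name
            path = path.lstrip("/")
            if member.isfile():
                if member.mode & stat.S_ISUID:
                    findings["setuid"].append(path)
                if member.mode & stat.S_ISGID:
                    findings["setgid"].append(path)
            if not member.isdir() and path.startswith(SERVICE_PREFIXES):
                findings["services"].append(path)
    return findings

def build_sample_payload():
    """Constructed sample standing in for a package's payload archive."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        for name, mode in [
            ("./usr/bin/sampletool", 0o755),
            ("./usr/bin/samplehelper", 0o4755),  # setuid bit set
            ("./usr/lib/systemd/system/sampled.service", 0o644),
            ("./usr/share/man/man1/sampletool.1", 0o644),
        ]:
            info = tarfile.TarInfo(name)
            info.mode = mode
            tar.addfile(info)
    buf.seek(0)
    return buf

if __name__ == "__main__":
    for kind, paths in audit_payload(build_sample_payload()).items():
        print(kind, paths)
```

Install-time scripts (deb maintainer scripts, rpm scriptlets) run separately from the payload and can change file modes or enable services afterwards, so they need their own review.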