by hello0904 641 days ago
I have no idea what I am talking about? Docker is literally adding middleware between your Linux system and app.

That doesn't necessarily mean there aren't pros to Docker, but one con to Docker is - it's absolutely overhead and complexity that is not necessary.

I think one of the most powerful features of Docker by the way is Docker Compose. This is the real superpower of Docker in my opinion. I can literally run multiple services and apps in one VPS / dedicated server and have it manage my network interface and ports for me? Uhmmm...yes please!!!! :)

4 comments

Docker's runtime overheads on Linux are tiny. It's pretty much all implemented using namespaces, cgroups and mounts which are native kernel constructs.
Well designed, written and efficient...middleware. It's a wrapper around Linux and a middle between my OS and my app! A spade is a spade.

There are cons beyond performance. For example Docker complexity - you need to learn a new filetype, a new set of commands, a new architecture, new configurations, spend hours reading another set of documentation. Buy and read another 300-page O'Reilly book to master and grasp something that again has pros and cons.

For me? It's not necessary and I even know some Docker Kung-Fu but choose not to use it. I do use Docker Desktop occasionally to run apps and services on my localhost - it's basically a Docker Compose UI, and I really enjoy it.

> It's a wrapper around Linux and a middle between my OS and my app

No. Docker doesn't "wrap" anything, and it certainly does not wrap Linux. Please reconsider looking at the documentation. It uses native kernel features. systemd does a similar thing.

> For example Docker complexity - you need to learn a new filetype, a new set of commands, a new architecture, new configurations, spend hours reading another set of documentation

I can't say I agree.

A wrapper CLI that produces the same outcome wouldn't really be considered middleware, which surely should affect runtime?
Docker is native Linux. Your app uses the same kernel as the host. Is "chroot" middleware? No. Neither is docker.
It does require a running daemon. Other solutions, like podman, do not. There is an overhead associated with docker.
Yes, but containers do not incur overhead because of the daemon. It is there for management purposes. In other words, system calls / network access / etc are not going "through" the daemon.
> Docker is literally adding middleware between your Linux system and app.

Not really, no. Docker just uses functionality provided by the Linux kernel for its exact use case. It's not like a VM.

> it's absolutely overhead and complexity that is not necessary.

This is demonstrably wrong. Docker introduces less complexity compared to system native tools like systemd or Bash. Dockerfiles will handle those for you.

> I have no idea what I am talking about

I wouldn't say that. You seem to have strong puritanical opinions though.

O rly, pray tell, which middleware?

Your most powerful feature is literally a hostfile that docker generates on container start that's saved at /etc/hosts + iptables rules

Edit: and if you don't want them, use Network-Mode: host and voila, none of that is generated

> have it manage my network interface and ports for me

...and bypass the host firewall by default unless you explicitly bind stuff to localhost :-/

I don't particularly love or hate docker, but when I realized this, I decided to interact with it as little as possible for production environments. Such "convenient" defaults usually indicate that developers don't care about security or integrating with the rest of the system.
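
An added example, not part of the thread or of Docker's own tooling: a small audit of Compose short-syntax `ports:` entries that flags every mapping published on all interfaces, the default the last comment refers to, as opposed to one bound to localhost. The service names and port lists are constructed, and the check assumes the Docker daemon's default bind address has not been changed.

```python
import ipaddress

# Constructed sample: service name -> its `ports:` list from a compose file.
SAMPLE_SERVICES = {
    "web": ["8080:80"],
    "db": ["127.0.0.1:5432:5432"],
    "cache": ["6379"],
    "metrics": ["[::1]:9100:9100", "0.0.0.0:9090:9090/tcp"],
    "dns": ["192.168.1.10:53:53/udp"],
}

def parse_port_spec(spec):
    """Split '[IP:][HOST_PORT:]CONTAINER_PORT[/PROTO]' into its four parts."""
    spec, _, proto = spec.partition("/")
    host_ip = None
    if spec.startswith("["):                  # bracketed IPv6 host address
        host_ip, _, rest = spec[1:].partition("]:")
        parts = rest.split(":")
    else:
        parts = spec.split(":")
        if len(parts) == 3:                   # IP:HOST_PORT:CONTAINER_PORT
            host_ip, parts = parts[0], parts[1:]
    # An empty or missing host port means Docker picks an ephemeral one.
    host_port = (parts[0] or None) if len(parts) == 2 else None
    return host_ip, host_port, parts[-1], proto or "tcp"

def binding_scope(host_ip):
    """Classify where the published port listens."""
    if host_ip is None:                       # no IP given: daemon default (assumed 0.0.0.0)
        return "all-interfaces"
    ip = ipaddress.ip_address(host_ip)
    if ip.is_loopback:
        return "loopback"
    return "all-interfaces" if ip.is_unspecified else "specific-address"

def audit(services):
    """Return (service, spec, mapping) for every port published on all interfaces."""
    findings = []
    for name, specs in services.items():
        for spec in specs:
            host_ip, host_port, cport, proto = parse_port_spec(spec)
            if binding_scope(host_ip) == "all-interfaces":
                mapping = f"{host_port or 'ephemeral'}->{cport}/{proto}"
                findings.append((name, spec, mapping))
    return findings

if __name__ == "__main__":
    for service, spec, mapping in audit(SAMPLE_SERVICES):
        print(f"{service}: '{spec}' publishes {mapping} on all interfaces")
```
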