Hacker News new | ask | show | jobs
by zoogeny 390 days ago
Nix falls into the camp in my mind that includes Rust: great idea that I just don't have time for right now.

Reproducibility is the holy grail, IMO. It is so valuable that any system that actually achieves it will find some longevity and eventually be hammered into a useable form. I believed in the promise when AWS was all about amis. Then I believed in the promise with docker. It seems something like Nix is a natural next step in this evolution.

I want it to succeed enough that it gets easy enough for me to use. But for now I'll stick with macOS for my laptop and docker with alpine for my deployments.
1 comments
codethief 389 days ago
> Reproducibility is the holy grail, IMO

> I'll stick with […] docker with alpine for my deployments

Huh. In my experience Alpine is the worst possible base image to use if you care about reproducibility.

  - The package index's URL cannot be pinned (URL expires on a regular basis)
  - The downloaded package index itself (tarball) cannot be pinned/cached, either, because old package versions (i.e. the URLs in the tarball) become unavailable after a few weeks.
Meanwhile:

https://snapshot.debian.org/

https://snapshot.ubuntu.com/

link
zoogeny 388 days ago
That is a good point and I should have been more clear. My choice for alpine isn't based on it's reproducibility at all, but its small size.

As with anything in engineering there are tradeoffs, there is no singular perfect solution. My choice of alpine was from years ago when I examined the amount of included code in competing docker images and I found the alpine solution was geared towards the least amount of code required to achieve the desired goal (e.g. running a server of a particular kind). That line of thought almost certainly requires a new examination of the available options since the world has changed since I last did a deep dive into docker base images.

In a perfect world I want a base image that doesn't contain a single bit extraneous to executing the services I deploy (for whatever expansive definition of "necessary" I arbitrarily choose). And in that perfect world the image is completely reproduceable from a static definition. Oh yeah, and it should be stable/robust, free from exploits, etc.

So it might be too strong to say "holy grail" if one interprets that as a singular goal that needs to be fulfilled. I meant it as "one among many" in the list of virtues I look for.

That being said, there are a lot of minimal *nixes these days and I would expect Nix would be a contender in that realm as well.

link