| > If I want to run this on windows, or osx Yeah, it's completely nonsense then, the whole point for this is to be extremely lightweight; if you have to run a full VM you may just as well use it directly. > You also have to maintain those containers/images Well, that's true, but due to the containers being lightweight and focused you don't really have that much to maintain. I'm not a supporter of one-process-per-container philosophy, but even 3 processes/services inside a container are easier to manage than a full VM. > not to mention lug around a 600+mb base OS image and update it Last I checked the base Ubuntu image was ~120Mb. > I am not sure how Docker handles keeping images updated You just rebuild them. Thanks to Dockerfiles it's fully automated, so you can plug it into your CI. The whole point of Docker containers is that they are very easy and cheap to build, run, share and destroy. Personally, I use Docker as a replacement for VirtualBox - my containers are nearly-full-OSes, with sshd, cron, syslog etc. running on them. But building a new one for a new project - if the project doesn't need something exotic like different distro - takes tens of seconds at most and starting/running a new instance (which is equivalent of starting VirtualBox image) takes a few seconds at most. The important thing to remember about Docker is that you can have as little or as much of an OS inside of a container as you want. The only thing shared between the container and native OS is the kernel - inside the container you can install any distro you want or even get by without any explicit distro (although I don't know if someone tried this yet). You can have a full-fledged OS if you really need it - you can run the container, ssh on it and configure everything you need to. Or you can just run a single process inside a container. Or you can stay in the middle. Whatever you do, Docker gracefully adapts, unlike a VM, which will always need heaps of RAM, have problems with interop and so on. Over in *BSD land they have jails - I've been using them for years before Docker existed - and they are really proven piece of technology. One interesting use case for them is in PC-BSD, which is FreeBSD-derived desktop system. There's this nifty "wizard-like" GUI for spinning up jails for installing packages from outside the official package manager (like from sources or ports). The system takes care of tunneling, symlinking userland and so on; you can install/build/compile three different versions of Firefox in their respective jails and run them seamlessly alongside each other on your native desktop. It's just one of the possibilities this technology - I mean very cheap kernel-level virtualization - can be used for. |
However, you do require Docker (or LXC), and you need proper cgroup support in your kernel if you want true isolation. This is perfectly fine for myself and perhaps a few of my developers running Linux, but it starts to look less appealing in other environments.
Personally, I have to maintain multiple FreeBSD servers and even have a local FreeBSD machine for related purposes. I've also had to develop and maintain python applications for SmartOS (solaris based) machines.
Perhaps one day Docker will support Solaris Zones or FreeBSD jails, who knows. :)