Don’t expect “van lifers” to be smart. Came across a few and most of them did not have any camping, survival or military experience/training. They usually thought they had a hotel on 4 wheels and there will always be sun. And 99% of those people were doing yoga. Not saying there is a causation, but at least there is a correlation.
zr0
joined 9 months ago
Of course it is overkill for a homelab. The other features you mentioned, can be achieved by Nomad or Swarm as well. And with Nomad you don’t even have to use the Docker engine.
Just ask yourself the following question: why is helm so popular? Why do I need a third party scripting language just for K8s?
You clearly will feel that K8s did many things right. 10 years ago. But we learned from that. And operations cost are exploding everywhere I see K8s in use (with or without Helm). Weird side effects, because at this layer you almost have an indefinite amount of edge cases.
That’s why I move away from K8s. To make very large and complex platforms manageable for a small operations team. The DevOps Engineers don’t like that obviously, because it is a major skill on the job market. In the end, I have to prioritize and all I can do is spread awareness, that K8s was great at some point, as was Windows 98 SE.
Yes. Do that. Thanks to the TSA, I can now open any luggage without traces. Saves a lot of time. Don’t have to enter 123456 anymore.
And this is why I do not like K8s at all. The only reason to use it is to have something on your CV. Besides that, Docker Swarm and Hashicorp Nomad feel a lot better and are a lot easier to manage.
Same as if the CEO of your employer gets switched out, with the difference, that the Russian Navy did not plan this. It is hard to find replacement and takes a while (6+ months). During that time, they have a disadvantage.
Let’s not cut videos unfavorably.
And just to be clear:
- Hamas attacked Israel
- Israel has the right to defend themselves
- this does not mean that the genozide is justified.
I’m surprised by the accuracy.
Threema. And don’t forget, real privacy and security, with centralized services, is never free. The app is tested by third party and is open source. And, you don’t have to share your phone number, unlike with Signal.
Docker uses LXC. LXC is actually at the core of many container engines.
Yeah I saw that plugin a few years ago and it was not ready for production yet.
I am going a whole different route, but have the same motivation: get rid of docker and improve the security.
I will move from docker compose to Nomad. And I will also not use containers itself anymore. I want/need more security. You can achieve this with MicroVM (Firecracker). However, you would need to build those VM images yourself. But there is a solution to it. Kata-containers. They allow to deploy OCI compliant containers into seperate MicroVM’s. Then you have true isolation from the host kernel, while not losing much of start-up time.
It sucks to migrate to podman if you have been using Docker Compose heavily.
Also, updating is done with
docker compose pull
and
docker compose up -d
every 24h via cronjob
The funny thing what The Guardian and others do not get is the crucial difference between a “signature machine” and a digital signature. They treat both equally fake, even though a digital signature is a cryptographic secure way to proof someone’s identity, where the signature machine just puts ink on a paper.
But that’s how laws work in a lot of countries. Ink on the paper is accepted, digital signatures not. Now have fun proving if a signature was drawn by hand or machine.