It’s really simple, it’s a container containing a virtual os, which runs a browser and a webserver to run the app. The app connects to several external api services to do it’s thing.
Hmmm! Interesting! I knew the container shares the kernel with the host OS but I thought most of the rest would be there. I did never really have time to go through every detail tbh. Running 60 docker containers is too time consuming :) thanks for elaborating though.
Harder to accidently render insecure? My experience is the opposite, that docker style containers frequently fail to update vulnerable dependencies.
Also depending on context, I can say often the container is harder to use. Snap is probably the easiest to use of the solutions, flatpak makes cli invocation a pain, and docker style sucks entirely for interaction, but is fine if your primary interaction is via Web service once you set it up (but oh boy, adding a webui package means you get to mess with nginx or apache proxypass by hand, and each app may require subtly different parameters in proxypass).
The person said “containers” so I was responding to both.
However, docker containers could stand to learn a thing or two with how flatpak and snap compose a runtime. Applications can say “allow x, y, and z dependency layers to update independent of the application container”, versus the docker style of the app developer must own maintenance of the entire image.
There may be reasonable differences with respect to how much of a users “real” files and environment are presented to a container in those scenarios, and functional differences like gui and networking suggesting different defaults, but image composition does not need differentiation for their use cases.
I get to witness to enterprise services flavor of that. Where the company pays software architects that aren’t actually coding and coders not allowed to make architectural decisions.
You have software that takes http? You need to rewrite it so that you only speak rabbitmq, and use it for every http request or Web socket message, don’t worry, we have a team that specializes in making http translate to rabbit mq, so you only have to rewrite the server code, another team will handle the http listener that translates to you.
What’s that, you have a non http protocol? Well, the other team isn’t scoped to handle that, so you’ll need to convert your listener to rabbitmq and create a whole separate container to actually receive the packets in udp and then translate to rabbitmq. No “processing” software is allowed to speak anything but rabbitmq, and network listener containers are only allowed to dumb receive and Forward.
It’s really simple, it’s a container containing a virtual os, which runs a browser and a webserver to run the app. The app connects to several external api services to do it’s thing.
It’s like, really simple!
I‘m very scared that this might actually be the case in some apps out there.
deleted by creator
I‘m not sure I understand. At least docker containers have their own os, mostly alpine linux. Dunno if that applies to other apllications.
deleted by creator
Hmmm! Interesting! I knew the container shares the kernel with the host OS but I thought most of the rest would be there. I did never really have time to go through every detail tbh. Running 60 docker containers is too time consuming :) thanks for elaborating though.
deleted by creator
Dont worry. Learn as you go. I rather make projects to learn things in a practical way.
deleted by creator
It probably was very simple for the kid who wrote it, just import everything and write a couple of lines to use all this stuff that already exists!
Gotta love using a base container image that is far too overkill for what you’re trying to run.
deleted by creator
Harder to accidently render insecure? My experience is the opposite, that docker style containers frequently fail to update vulnerable dependencies.
Also depending on context, I can say often the container is harder to use. Snap is probably the easiest to use of the solutions, flatpak makes cli invocation a pain, and docker style sucks entirely for interaction, but is fine if your primary interaction is via Web service once you set it up (but oh boy, adding a webui package means you get to mess with nginx or apache proxypass by hand, and each app may require subtly different parameters in proxypass).
deleted by creator
The person said “containers” so I was responding to both.
However, docker containers could stand to learn a thing or two with how flatpak and snap compose a runtime. Applications can say “allow x, y, and z dependency layers to update independent of the application container”, versus the docker style of the app developer must own maintenance of the entire image.
There may be reasonable differences with respect to how much of a users “real” files and environment are presented to a container in those scenarios, and functional differences like gui and networking suggesting different defaults, but image composition does not need differentiation for their use cases.
I get to witness to enterprise services flavor of that. Where the company pays software architects that aren’t actually coding and coders not allowed to make architectural decisions.
You have software that takes http? You need to rewrite it so that you only speak rabbitmq, and use it for every http request or Web socket message, don’t worry, we have a team that specializes in making http translate to rabbit mq, so you only have to rewrite the server code, another team will handle the http listener that translates to you.
What’s that, you have a non http protocol? Well, the other team isn’t scoped to handle that, so you’ll need to convert your listener to rabbitmq and create a whole separate container to actually receive the packets in udp and then translate to rabbitmq. No “processing” software is allowed to speak anything but rabbitmq, and network listener containers are only allowed to dumb receive and Forward.
deleted by creator
Tech hipsters be like: you had me at container!