[openstack-dev] [kolla] on Dockerfile patterns

Clint Byrum clint at fewbar.com
Tue Oct 14 20:12:50 UTC 2014


Excerpts from Lars Kellogg-Stedman's message of 2014-10-14 12:50:48 -0700:
> On Tue, Oct 14, 2014 at 03:25:56PM -0400, Jay Pipes wrote:
> > I think the above strategy is spot on. Unfortunately, that's not how the
> > Docker ecosystem works.
> 
> I'm not sure I agree here, but again nobody is forcing you to use this
> tool.
> 
> > operating system that the image is built for. I see you didn't respond to my
> > point that in your openstack-containers environment, you end up with Debian
> > *and* Fedora images, since you use the "official" MySQL dockerhub image. And
> > therefore you will end up needing to know sysadmin specifics (such as how
> > network interfaces are set up) on multiple operating system distributions.
> 
> I missed that part, but ideally you don't *care* about the
> distribution in use.  All you care about is the application.  Your
> container environment (docker itself, or maybe a higher level
> abstraction) sets up networking for you, and away you go.
> 
> If you have to perform system administration tasks inside your
> containers, my general feeling is that something is wrong.
> 

Speaking as a curmudgeon ops guy from "back in the day".. the reason
I choose the OS I do is precisely because it helps me _when something
is wrong_. And the best way an OS can help me is to provide excellent
debugging tools, and otherwise move out of the way.

When something _is_ wrong and I want to attach GDB to mysqld in said
container, I could build a new container with debugging tools installed,
but that may lose the very system state that I'm debugging. So I need to
run things inside the container like apt-get or yum to install GDB.. and
at some point you start to realize that having a whole OS is actually a
good thing even if it means needing to think about a few more things up
front, such as "which OS will I use?" and "what tools do I need installed
in my containers?"

What I mean to say is, just grabbing off the shelf has unstated
consequences.

> > Sure, Docker isn't any more limiting than using a VM or bare hardware, but
> > if you use the "official" Docker images, it is more limiting, no?
> 
> No more so than grabbing a virtual appliance rather than building a
> system yourself.  
> 
> In other words: sure, it's less flexible, but possibly it's faster to
> get started, which is especially useful if your primary goal is not
> "be a database administrator" but is actually "write an application
> that uses a database backend".
> 
> I think there are uses cases for both "official" and customized
> images.
> 

In the case of Kolla, we're deploying OpenStack, not just some new
application that uses a database backend. I think the bar is a bit
higher for operations than end-user applications, since it sits below
the abstractions, much closer to the metal.



More information about the OpenStack-dev mailing list