How Docker was born

cm0002@lemmy.world · 1 month ago

How Docker was born

kitnaht@lemmy.world · 1 month ago

The biggest problem that I have with docker is honestly, the fear of a supply-chain attack.

Drasla@lemmy.studio · 1 month ago

You mean compromised code sneaking into Docker images? Or a DOS on dockerhub?

kitnaht@lemmy.world · 1 month ago

Supply chain attack has a definition. And it has nothing to do with DDoS.

roofuskit@lemmy.world · 1 month ago

They worry about someone replacing the docker image on the hosting server with a malicious modified version for people to pull down during updates.

zalgotext@sh.itjust.works · 1 month ago

This worry exists for literally every 3rd party dependency, not just docker, and is addressed the same way - by running tests and vulnerability scans in a sandboxed test environment before shipping to prod

lowleveldata@lemmy.world · 1 month ago

Still doesn’t work in production because it’s a multi-cluster k8s instead of a simple laptop

InnerScientist@lemmy.world · 1 month ago

Run a multi-cluster k8s on your notebook to test then?

marcos@lemmy.world · 1 month ago

Good luck, the instances can’t just be started in any random order and at their current version their dependency graph is cyclical.

InnerScientist@lemmy.world · 1 month ago

There’s a solution you’re not seeing, make the notebook part of the production cluster.

anton@lemmy.blahaj.zone · 1 month ago

https://xkcd.com/1718

roofuskit@lemmy.world · 1 month ago

Miles O'Brien@startrek.website · 1 month ago

I love when people say they feel dumb because they didn’t know something, because then I get to share xkcd with them, too.

optional@sh.itjust.works · 1 month ago

It’s really great how docker shifted the problem from “works on my machine” to “works with my version of docker”.

Lifter@discuss.tchncs.de · 1 month ago

…on my machine.