Stuff I'm working with #1Sunday, April 19, 2015
A few things that are keeping me busy, or making me pull my hair out, either at work, or at home. There is a few more I want to write about, I just have to find some time.
I have seen someone describe Docker as "chroot on steroids", and it really is the best description I can think of. Chroot changes the path resolution algorithm so that / resolves to something else, thereby hiding everything above from the processes running in the chroot. Docker takes this a step further, and it isolates processes, mount points, user ids, and probably a lot of other stuff. I can see it useful because you can create Dockerfile that you ship with your application, which packages the whole stack that your application needs, installed packages, with their configurations and everything else. Another nice thing is that you can have your own repository of docker images (prebuilt docker application basically), and when you release a new version of your application, you push that into the registiry, and have your servers pull down the new version. This makes rolling back to a previous version trivial.
Here is an example that sets up Syncthing (see later) in an isolated Debian box:
FROM debian:wheezy ENV VERSION 0.10 ENV RELEASE linux-amd64 WORKDIR /home/root RUN apt-get update && apt-get install -y wget ca-certificates && \ apt-get clean && \ useradd -m syncthing && \ wget -O - https://github.com/syncthing/syncthing/releases/download/$VERSION/syncthing-$RELEASE-$VERSION.tar.gz | \ tar -xzf - -C /usr/local && \ ln -s /usr/local/syncthing-$RELEASE-$VERSION/syncthing /usr/local/bin EXPOSE 8080 22000 21025/udp USER syncthing ENTRYPOINT [ "syncthing" ]
You save this as a file called Dockerfile , and run docker build ., then docker run $the-id-that-docker-build-gave , and you have syncthing running in a "virtual machine". If you decide you no longer need it, you just stop the container, and delete the image. Updating to a new version is just a question of editing the ENV line in the Dockerfile .
I love Ansible. I have now setup my dotfiles repo to use ansible, and provisioned my own VPSes with it. It makes it trivial to go from special snowflake to phoenix server. I have tried playing around with Puppet before, but gave up (probably too) quickly with setting up the certificates it requires at the start. Ansible uses SSH as a transport layer, so you only need to have an SSH account to use it. You can automate provisioning home servers, web applications with load balancers, or even deploying new versions of your application.
It's rapidly growing, and has support for newish stuff like Docker. If you do find yourself in need of something it does not support, it's trivial to write plugins for it, it's basically text processing all the way. I needed a module to interface with loginctl (systemd's thingy), and after an hour I had it ready. If you use Python (which is the recommended language for plugins) it has premade modules to help you. I lost quite a few small modifications to my system, because it was a pita and too brittle to automate them with shell scripting, but it's trivial to do with Ansible.
There are some dropbox alternatives popping up, like Syncany, Seafile, Spideroak, BTSync, etc. that you can set up for yourself. Naturally I wanted something too, so I can be independent of a 3rd party, and I went with Syncthing (now called Pulse). It's open source, set up for yourself, end-to-end encrypted, decentralized, and uses the bittorrent protocol for syncing (so more nodes, more speed). It's currently at 0.10.30, but it's quite stable, and growing rapidly, with 1526 closed issues, and 136 open. I'm running 0.10.21 at the moment to syncronize my MP3 collection (49 GB of data) between 3 computers, and it's working like a charm. Unfortunately it is still missing some features that keeps it from being a complete replacement for Dropbox. The whole GUI is a webpage, so there is no tray indicator, which makes me want to open the webpage after I make some changes, to make sure it picked up. There is no inotify support for listening to filesystem events, so it uses polling.
There is also an android client, though I haven't tried it. This also my first app that I dockerized.
As a side note, take a look at the manifesto of the team that is behind Syncthing, called Indie. It's fucking awesome, and I'm definitely keeping a close eye on them, there is a real need to raise awareness of corporate surveillance.
I did read several success stories about how someone (the last one I think was BBC) rebuilt something in Node, and now it's oh so much better. My personal opinion is that if you get a clean state to rebuild something (or just build something), you would get the same end result. It's not the language that made it so good, but the skill and experience of the programmers. I can see it exploding (even more) in the future though, but right now I would not build something for a client with it, unless he specifically requested it.
Oh btw, it's already forked.