Update 2021-02-15: Life has come along way since I wrote this article, even though it’s only five years ago. Today I use Docker every day, both personally and professionally. Nowadays I see the benefits of Docker and have learned a great deal since I wrote this. It’s interesting to look back on your own thoughts and see how much you (and the world) has changed. Therefore, I have kept the rest of this article intact.
Let me begin with saying that I don’t dislike Docker in any way. Docker is a nice piece of software and is making a lot of peoples lifes easier. What I list here is the reasons for why I don’t use Docker and why it doesn’t fit my needs. I wanted to write this since so many people have been telling me that “Docker is the new big thing”, which I’m sure it is. These people has convinced me in trying out Docker for a couple of years now. I believe I’m on my third year with Docker now. But these days I only have a single Docker container left. And I’ll have to be honest here. I too, was really hyped in the beginning with Docker. I thought it was just amazing. But as time has passed it has proven to add so much complexity into my life that it’s just not worth it anymore. I’m sure most it is depending on me not being able to handle Docker very well, I kinda feel to old for it sometimes. And why is this then?
Complexity and dependency hell
My plan for Docker in the beginning was to use it in production so that I could separate customers from each other in an easy way. As a bonus, I thought, I get the ability to move containers between machines in a very simple way. But things turned out not be so easy though. Let’s say I want a simple container with a webpage that requires Apache2, PHP5 and MySQL. Nothing fancy, these are things we use all the time. But in a Docker environment it turned out to be a bit problematic. Apache2 requires cron to able to rotate logs. Cron in turn requires syslog. And if you want to be able to send mail from the website you need a mail daemon. And all these package has depenceies of their own. So your container keeps growing. This adds another problem since you start your container with all these services. If one of these services stops, then your entire container will stop (remember, it’s not a virtual machine, it’s simple a container for services). So I lose the abilty to restart a single service. If I do, the entire container will go down.
MySQL requires a lot of memory, so if I run 100 containers on a machine, I’ll end up with 100 MySQL daemons. But now you might think “wait wait wait, you should run MySQL in a separate container (and probaly your mail daemon as well)”. And very true I should, following the concept of containers one should run one service per container. But here comes the next dependency hell… What if I would like to move 10 of my customers containers to a new machine? Then I’ll loose the database. Sure, I could make a dump/restore of those 10 customers and setup up a new container on that new machine. But now we’re adding complexity again.
There is also no easy way of starting a new service inside a running container, so you’ll need to stop it, commit it to a new images and start it back up with the new service.
Let’s say I keep building upon my containers and commiting them to new images
from time to time as they keep growing and I’ll keep updating them with
update && apt-get upgrade. Sooner or later, I’ll end with a lot of layers. And
currently there’s a limit of 127 layers. So after this, I’m screwed. You might
think that 127 layers is much, and that you’ll probably throw away your
container and start over before you hit this limit. But in a production
environment, it’s hard to just throw stuff away and start over.
In the beginning I kept my data inside my containers, but this is not “the way”
to go with Dockers. One should create volumes instead. But the problem with
volumes is that they are owned by root on the host system, so there is no way
for a regular user to write to them, even if the container was created and
started by a regular user. Sure, one could
chown user:user the directory, but
as soon as something inside the container touches a file, it’s back to being
owned by root.
Am I simply too old?
For me Docker has added a lot of maintaince and complexity to an already complex environment. It seems most of the people I talk with about Docker claims that Docker simplify a lot of their lifes and they tend to do less maintaince since they introduced Docker to their enviroment. But I just can’t see it. Which got thinking I might be to old for Docker? You know how it is, you’re used to something and suddenly this entire new thing comes along. But I’ve really tried to learn Docker. I’ve read plenty of books and manuals on it, been to classes and lectures on it and so on. I’ve also used Docker for about two years now. But I can’t see how it could simplify something for me at all. Or well, sure, it’s nice to have on your laptop for trying out a new program or service. But even there, I tend to run into problems and keep falling back to running real virtual machines instead.
I’m not alone
For the longest time I thought I was alone thinking that Docker added complexity instead of easing it. But after googling around I’ve come across others with the same toughts, and that’s kinda comforting at least.