Re: [atomic-devel] Friends don't let friends run Docker on loopback in production

On 15/04/15 11:51 -0400, Colin Walters wrote:

I've seen several people using Docker on loopback; this is the default if you use a mainline system + yum install Docker, as opposed to an Atomic host which uses https://github.com/projectatomic/fedora-productimg-atomic and https://github.com/projectatomic/docker-storage-setup

I submitted this:


However, I think we can do more here.

- Anaconda UI for reserving a thin pool
- overlayfs

I'm thinking of making this warning even stronger (as in it's emitted on the client, not just part of the intense amount of spam the docker daemon emits every time you run a container[1]).

Any other thoughts?

[1] And we really need to fix NM to not spew lots when Docker makes veth devices (https://bugzilla.gnome.org/show_bug.cgi?id=731014 ) etc

I agree that loop-lvm should be a last resort setup, like the 'vfs'
driver is presently. Perhaps having these as more distinct profiles.
Despite the distaste for it and total lack of support for devicemapper
loop-lvm, the issue stands that it the lowest barrier to entry for most
folks. Overlay will remedy that for many folks.

I hesitate to say that we even should have a warning displayed to the
docker client, with a link to "learn more about optimal driver setup",
which could guide them for their use case.


