A decade of Docker containers

Posted by zacwest 7 hours ago

A decade of Docker containers(cacm.acm.org)

195 points | 128 commentspage 2

brtkwr 5 hours ago|

I realise apple containers haven't quite taken off yet as expected but omission from the article stands out. Nice that it mentions alternative approaches like podman and kata though.

avsm 4 hours ago|

> but omission from the article stands out.

(article author here)

Apple containers are basically the same as how Docker for Mac works; I wrote about it here: https://anil.recoil.org/notes/apple-containerisation

Unfortunately Apple managed to omit the feature we all want that only they can implement: namespaces for native macOS!

Instead we got yet another embedded-Linux-VM which (imo) didn't really add much to the container ecosystem except a bunch of nice Swift libraries (such as the ext2 parsing library, which is very handy).

rando1234 2 hours ago||

Didn't Vagrant/Vagrantfiles precede Docker? Unclear why that would be the key to its success if so.

phplovesong 4 hours ago||

We have shipped unikernels for the last decade. Zero sec issues so far. I highly recommend looking into the unikernel space for a docker alternative. MirageOS being a good start.

avsm 4 hours ago|

cool! What services have you shipped as unikernels? Docker doesn't have to be an alternative; it can help with the build/run pipeline for them too: https://www.youtube.com/watch?v=CkfXHBb-M4A (Dockercon 2015!)

politelemon 5 hours ago||

Somewhere along the line they started prioritising docker desktop over docker. It's a bit jarring to see new features coming to desktop before it comes to Linux, such as the new sandbox features.

Is there any insight into this, I would have thought the opposite where developers on the platform that made docker succeed are given first preview of features.

krapht 4 hours ago|

Paying customers use docker desktop.

arikrahman 5 hours ago||

I'm hoping the next decade introduces more declarative workflows with Nix and work with docker to that end.

INTPenis 6 hours ago||

I thought it was 2014 when it launched? The article says the command line interface hasn't changed since 2013.

avsm 6 hours ago|

We first submitted the article to the CACM a while ago. The review process takes some time and "Twelve years of Docker containers" didn't have quite the same vibe.

heraldgeezer 4 hours ago||

I still havent learned it being in IT its so embarassing. Yes I know about the 2-3h Youtube tutorials but just...

1970-01-01 3 hours ago||

I now wonder if we'll end up switching it all back to VMs so the LLMs have enough room to grow and adapt.

skybrian 3 hours ago|

Maybe, but the install will often be done using a Docker file.

callamdelaney 3 hours ago||

The fact that docker still, in 2026, will completely overwrite iptables rules silently to expose containers to external requests is, frankly, fucking stupid.

netrem 1 hour ago|

Indeed. I've had even experienced sysadmins be surprised that their ufw setup will be ignored.

brcmthrowaway 5 hours ago|

I dont use Dockerfile. Am i slumming it?

vvpan 4 hours ago|

Probably? How do you deploy?

rglover 3 hours ago||

Just pull a tarball from a signed URL, install deps, and run from systemd. Rolls out in 30 seconds, remarkably stable. Initial bootstrap of deps/paths is maybe 5 minutes.

More comments...