I attended her talk on "Containerizing Your Desktop" at LinuxCon NA 2015, and she maintains this open source repository filled with awesome Dockerfiles that can run anything from Spotify to Chrome. Truly amazing
What is the point of running Chrome in a Docker container? Is it useful only for developers which want to test stuff using a fixed version of the browser, or is it something that everybody surfing the web should really want to do?
(I am not a web developer, so this is a sincere question. I am genuinely curious!)
Have you ever wondered why a computer seems to slow down over time, but after a reinstall it is magically faster? That is because programs install a lot of things, and often don't uninstall everything again, even if you ask it to.
Putting programs in a container means you keep your main system free of this cruft.
I don't think it's something everyone should want to do today, but there is a broader push to experiment with better isolation and portability of applications, and dockerizing applications is one avenue of experimenting with that (others would be things like NixOS or Qubes OS).
Note that in terms of isolation, I would be hesitant to consider this (dockerizing apps) a particularly strong solution in terms of security now, but isolation is not only about security, but also about e.g. preventing applications from crapping files all over your system (and being able to know where they've put files - e.g. "docker diff" is quite nice), and having convenient ways of restricting their resource usage etc.
For me at least, when I dockerize apps it tends to be about those concerns, as well as being able to run multiple versions of apps conveniently etc. or to be able to package up a whole toolchain and lock it at combinations of tools I know work well together.
Not the best isolation however because containers aren't sandboxes (yet). If you're really serious you need to run something like https://firejail.wordpress.com .
One thing that tends to be undervalued is sheer positivity and passion. Jess reminds me of Julia Evans, both radiate excitement whenever they talk at conferences, regardless of topic. More joy like this, please.
You may wish for fewer sources of drama, but there is always the risk that your wish will not be granted.
One particular problem is that drama has a certain amount of "background radiation" in the world, a noise floor you can't eliminate. The right solution is to have a gate in the sense that you just ignore things underneath the noise floor.
Lowering drama is possible, but elimination is impossible IMO. Hence, you end up in a situation where the perpetually outraged keep being outraged, because there is always some kind of noise floor you can grab onto.
You need to gauge "drama relative to other situations" in order to figure out where we stand. And once you do, you will realize that some people are feeding off of perpetual outrage.
In short, I think we need to define when we activate the gate. And for me personally, the amount of drama in tech is actually not that high. Try Sales&Marketing for a change :) It is just that social media is an excellent amplifier, so now we have far more focus than you had back in the 80'es and 90'es where the situation is likely to have been worse.
Not to Hijack the spotlight that Jess deserves or diminish her accomplishments: However, will happily add Tess Rinearson to the list of people who keep me excited about tech: https://twitter.com/_tessr
Jessie Frazelle is not only an inspiring and talented engineer but she is also an excellent community leader and a much needed and valued voice. On top of all of that, I echo the sentiments below, awesome human. Glad to see her being recognized!
For having worked with Jessie while she was still working at Docker (I no longer work there either), I can confirm that. She is genuinely radiant and her excitement for technology in general is contagious.
She was always around to help or hack something cool. I remember the night of the release of Docker 1.9, we stayed late at the office to merge the last PRs and run test suites before releasing the binaries. Jess did not have to be there but she stayed to help Tibor (another amazing human being and prolific contributor) and myself 'til 23pm on the release process. You know you are surrounded with talented engineers when you can count on them regardless of the difficulties encountered. That night, her presence lifted a big burden off my shoulders.
I'm not sure I would have had the same excitement for Docker before joining if she was not working there. To me, she had a huge impact on the craze towards containers.
Seeing a living breathing hue-man reminds me that none of the projects I use happen for free. And seeing people being turned into marketing material also reminds me that Github ain't free either.
It's not too obvious, but this is a Github "Story" (not just the profile of an OSS contributor). Pretty interesting content in the article. I know of her from Twitter (guess I randomly followed some time ago) - definitely worth a follow.
Hmm, is there a reason this is on HN today? Don't get me wrong, I'm happy to learn about interesting individuals, I just feel like I might be missing some context here. Did she win an award or do something particularly noticeable recently?
Oh, you mean why was it submitted & upvoted? Frankly, I never know why any particular story takes off whereas others do not. E.g., First Steve Yegge blog post in 5 years didn't even make 1st page of HN! (https://news.ycombinator.com/item?id=12979108)
Guess you'd have to ask everyone who up-voted why they did.
"The greatest contribution need for Docker"
I believe less is more. Docker has grown into an all consuming piece of complexity. The best code is code you never write.
Docker has taken the direction of a loose collection of tools tied together by an integrated interface. So you have the choice of using the platform as a whole, or standing up your choice of individual components on their own, without any dependency on Docker.
Based on your comment, you're probably not the target audience for the platform. I recommend checking out some of the components to see if they meet your criteria of simplicity.
In fairness, her answer to "greatest need" was documentation. That can grow too large as well, but right now the consensus seems to be that Docker is struggling with features outrunning accurate documentation - so where things aren't pared back, more records would be good.
I saw Jess speak at Kiwicon 9 in New Zealand. She did the whole thing live, from the command line, with no slides. It was probably one of the most compelling talks I've ever seen and an absolute honour to witness such skill and passion.
Myself and the several hundred other attendees were all in awe.
No, but all of the founders (and one of the top k8s guys from redhat) are at a firm based on it now: https://www.heptio.com
Jessie is an incredible speaker and a really funny engineer. It was genuinely hard to not laugh watching her talk @ Monitorama last year titled "Everything is Broken":
Kubernetes is a project started by Google to make managing containers at scale, on premise, or on the cloud, streamlined and dead simple. So far it is "winning".
Two of the three Kubernetes co-founders (Joe Beda and Craig Mcluckie) co-founded Heptio. The third (Brendan Burns) left Google for Microsoft, where Kubernetes on Azure reached GA today [0].
I am using k8s on azure container service. It's good! One thing I am unable to do is re-scale the cluster (add more nodes). They don't allow that somehow.
"This means the service is now backed by an SLA, and users will be able to get support contracts from Microsoft. Maybe more importantly, though, Microsoft also added two pivotal new features with this update: the ability to easily scale Kubernetes clusters up and down and support for high-availability setups with multiple masters."
Kubernetes [0] is an open source project hosted at the Cloud Native Computing Foundation (CNCF) [1]. It has many companies cooperatively developing and commercially supporting it [2].
Also, Jess Frazelle will be presenting at CloudNativeCon/KubeCon in Berlin on March 30 [3].
Other comments saying k8s (short f/kubernetes) people are in various companies are correct, but adding it was started at Google (and that's where jessfraz works on it).
Background for k8s is that Google had (has) an internal container scheduler called Borg (https://research.google.com/pubs/pub43438.html) with which they do clever things like pack a CPU-hungry and RAM-hungry process on the same box so all of that machine's resources get used, and can use the same server for a mix of production processes (that might e.g. be latency-sensitive need a dedicated core) and non-production tasks like internal data crunching. For example, a non-production task can run opportunistically when a prod job isn't using its full allocation of RAM, and be preempted if the production tasks need that RAM later or more important tasks come along.
Kubernetes is a ground-up effort to do the same sort of thing in the open. The components are different--etcd instead of Chubby, and of course not using Google's internal container stuff for tasks--but idea's the same.
If you haven't heard of Jessie Frazelle, definitely check out her work. As others have expressed, she's a brilliant engineer, speaker, and writer.
If I were in charge of hiring, I'd have recruiters pestering the hell out of her to join my team.
Seriously, she's one of my favorite people that I've never met :)
I haven't met her (besides a very few tweeters interaction) but she counts among her fans, I really love the work that she is doing.
I tried to hire her and failed. :-(
I think that's the first time I see someone publicly saying that they tried to hire someone and it failed, very interesting.
Really? Well, perhaps it's just that I'm not ashamed to say when I failed.
As someone trying to get hired in a similar space, if you don't mind me asking, why specifically were you trying to hire her?
why specifically were you trying to hire her?
I attended her talk on "Containerizing Your Desktop" at LinuxCon NA 2015, and she maintains this open source repository filled with awesome Dockerfiles that can run anything from Spotify to Chrome. Truly amazing
https://github.com/jessfraz/dockerfiles
I saw Jess' "Application Sandboxes vs. Containers" talk at Craft Conference last year. Very interesting!
http://www.ustream.tv/recorded/86185167
By your description I thought she'd just created 5 or so examples, I wasn't expecting such a breadth of stuff!
Did she talk about advantages/disadvantages to this approach? Does she use this daily?
What is the point of running Chrome in a Docker container? Is it useful only for developers which want to test stuff using a fixed version of the browser, or is it something that everybody surfing the web should really want to do?
(I am not a web developer, so this is a sincere question. I am genuinely curious!)
Have you ever wondered why a computer seems to slow down over time, but after a reinstall it is magically faster? That is because programs install a lot of things, and often don't uninstall everything again, even if you ask it to.
Putting programs in a container means you keep your main system free of this cruft.
AKA https://en.wikipedia.org/wiki/DLL_Hell
and the non-solutions of WinSxS (https://en.wikipedia.org/wiki/Side-by-side_assembly) and the current 'binaries are linked to an exactly matching library forever, install EVERY possible library version'.
https://web.archive.org/web/20100305054645/http://msdn.micro...
I don't think it's something everyone should want to do today, but there is a broader push to experiment with better isolation and portability of applications, and dockerizing applications is one avenue of experimenting with that (others would be things like NixOS or Qubes OS).
Note that in terms of isolation, I would be hesitant to consider this (dockerizing apps) a particularly strong solution in terms of security now, but isolation is not only about security, but also about e.g. preventing applications from crapping files all over your system (and being able to know where they've put files - e.g. "docker diff" is quite nice), and having convenient ways of restricting their resource usage etc.
For me at least, when I dockerize apps it tends to be about those concerns, as well as being able to run multiple versions of apps conveniently etc. or to be able to package up a whole toolchain and lock it at combinations of tools I know work well together.
There are lots of potential reasons. Some things I've considered doing it for (many of which have alternative solutions, but nevertheless)
Different network configurations per browser. This is useful for doing things like checking geo-targetting via VPNs etc.
Better security isolation. Chrome is pretty good at this, but if you want to run a suspicious add-on this is a good way to do it.
Better isolation for scriptable browsers.
I'm sure there are plenty I haven't thought of.
Not the best isolation however because containers aren't sandboxes (yet). If you're really serious you need to run something like https://firejail.wordpress.com .
I think (hope?) people would realize that by now about Docker. But it is a non-trivial amount of protection against things like local file access.
I think doing that is kind of insane but I love that she is doing it. Also, as an OS geek, I enjoy reading about the setups of other geeks.
One thing that tends to be undervalued is sheer positivity and passion. Jess reminds me of Julia Evans, both radiate excitement whenever they talk at conferences, regardless of topic. More joy like this, please.
Exactly. We need way way way less drama.
We need fewer sources of drama. As long as there are still sources of drama it serves a purpose.
You may wish for fewer sources of drama, but there is always the risk that your wish will not be granted.
One particular problem is that drama has a certain amount of "background radiation" in the world, a noise floor you can't eliminate. The right solution is to have a gate in the sense that you just ignore things underneath the noise floor.
Lowering drama is possible, but elimination is impossible IMO. Hence, you end up in a situation where the perpetually outraged keep being outraged, because there is always some kind of noise floor you can grab onto.
You need to gauge "drama relative to other situations" in order to figure out where we stand. And once you do, you will realize that some people are feeding off of perpetual outrage.
In short, I think we need to define when we activate the gate. And for me personally, the amount of drama in tech is actually not that high. Try Sales&Marketing for a change :) It is just that social media is an excellent amplifier, so now we have far more focus than you had back in the 80'es and 90'es where the situation is likely to have been worse.
Not to Hijack the spotlight that Jess deserves or diminish her accomplishments: However, will happily add Tess Rinearson to the list of people who keep me excited about tech: https://twitter.com/_tessr
Jessie Frazelle is not only an inspiring and talented engineer but she is also an excellent community leader and a much needed and valued voice. On top of all of that, I echo the sentiments below, awesome human. Glad to see her being recognized!
For having worked with Jessie while she was still working at Docker (I no longer work there either), I can confirm that. She is genuinely radiant and her excitement for technology in general is contagious.
She was always around to help or hack something cool. I remember the night of the release of Docker 1.9, we stayed late at the office to merge the last PRs and run test suites before releasing the binaries. Jess did not have to be there but she stayed to help Tibor (another amazing human being and prolific contributor) and myself 'til 23pm on the release process. You know you are surrounded with talented engineers when you can count on them regardless of the difficulties encountered. That night, her presence lifted a big burden off my shoulders.
I'm not sure I would have had the same excitement for Docker before joining if she was not working there. To me, she had a huge impact on the craze towards containers.
Seeing a living breathing hue-man reminds me that none of the projects I use happen for free. And seeing people being turned into marketing material also reminds me that Github ain't free either.
It's not too obvious, but this is a Github "Story" (not just the profile of an OSS contributor). Pretty interesting content in the article. I know of her from Twitter (guess I randomly followed some time ago) - definitely worth a follow.
> It's not too obvious, but this is a Github "Story"
This should be part of the title.
Hmm, is there a reason this is on HN today? Don't get me wrong, I'm happy to learn about interesting individuals, I just feel like I might be missing some context here. Did she win an award or do something particularly noticeable recently?
It could be because she's been outspoken about the issues surrounding women in tech https://twitter.com/jessfraz . She's dealt with workplace inequality as has been described as going on at Uber https://www.nytimes.com/2017/02/19/business/uber-sexual-hara... . That isn't to say her portfolio isn't impressive enough on its own.
Probably this is why (6 year ago comment from pg on HN ranking algorithm): https://news.ycombinator.com/item?id=1781013
Oh, you mean why was it submitted & upvoted? Frankly, I never know why any particular story takes off whereas others do not. E.g., First Steve Yegge blog post in 5 years didn't even make 1st page of HN! (https://news.ycombinator.com/item?id=12979108)
Guess you'd have to ask everyone who up-voted why they did.
"The greatest contribution need for Docker" I believe less is more. Docker has grown into an all consuming piece of complexity. The best code is code you never write.
Amen!
Docker has taken the direction of a loose collection of tools tied together by an integrated interface. So you have the choice of using the platform as a whole, or standing up your choice of individual components on their own, without any dependency on Docker.
Based on your comment, you're probably not the target audience for the platform. I recommend checking out some of the components to see if they meet your criteria of simplicity.
A few examples:
https://runc.io
https://containerd.tools
https://github.com/docker/swarmkit
https://github.com/docker/notary
https://github.com/docker/infrakit
https://github.com/docker/hyperkit
We are continuing the work of carving out more and more usable components from the platform.
One tricky issue with Docker is its overlap with systemd. Both can be responsible for running services. It is unclear how to integrate them well.
Why was the parent down-voted?
In fairness, her answer to "greatest need" was documentation. That can grow too large as well, but right now the consensus seems to be that Docker is struggling with features outrunning accurate documentation - so where things aren't pared back, more records would be good.
I recommend this:
https://blog.jessfraz.com/
Jess has a passion that is rivaled by few, a truly inspiring engineer. Keep up the awesome work!
P.S. Her twitter timeline is a must-follow - https://twitter.com/jessfraz
I saw Jess speak at Kiwicon 9 in New Zealand. She did the whole thing live, from the command line, with no slides. It was probably one of the most compelling talks I've ever seen and an absolute honour to witness such skill and passion. Myself and the several hundred other attendees were all in awe.
Her uses this setup is pretty interesting: https://usesthis.com/interviews/jessie.frazelle/
I was kind of hoping she won an award or something, she radiates so much positivity and is an awesome hacker.
Is kubernetes a company?
No, but all of the founders (and one of the top k8s guys from redhat) are at a firm based on it now: https://www.heptio.com
Jessie is an incredible speaker and a really funny engineer. It was genuinely hard to not laugh watching her talk @ Monitorama last year titled "Everything is Broken":
https://vimeo.com/173704265
Kubernetes is a project started by Google to make managing containers at scale, on premise, or on the cloud, streamlined and dead simple. So far it is "winning".
Two of the three Kubernetes co-founders (Joe Beda and Craig Mcluckie) co-founded Heptio. The third (Brendan Burns) left Google for Microsoft, where Kubernetes on Azure reached GA today [0].
[0] http://blog.kubernetes.io/2017/02/caas-the-foundation-for-ne...
I am using k8s on azure container service. It's good! One thing I am unable to do is re-scale the cluster (add more nodes). They don't allow that somehow.
That limitation was apparently lifted today.
https://techcrunch.com/2017/02/21/kubernetes-on-microsofts-a...
"This means the service is now backed by an SLA, and users will be able to get support contracts from Microsoft. Maybe more importantly, though, Microsoft also added two pivotal new features with this update: the ability to easily scale Kubernetes clusters up and down and support for high-availability setups with multiple masters."
Kubernetes [0] is an open source project hosted at the Cloud Native Computing Foundation (CNCF) [1]. It has many companies cooperatively developing and commercially supporting it [2].
Also, Jess Frazelle will be presenting at CloudNativeCon/KubeCon in Berlin on March 30 [3].
[0] https://kubernetes.io [1] https://www.cncf.io [2] https://kubernetes.io/partners/ [3] https://cloudnativeeu2017.sched.com/mobile/#person:jess_fraz...
Disclosure: I'm the executive director of CNCF.
Other comments saying k8s (short f/kubernetes) people are in various companies are correct, but adding it was started at Google (and that's where jessfraz works on it).
Background for k8s is that Google had (has) an internal container scheduler called Borg (https://research.google.com/pubs/pub43438.html) with which they do clever things like pack a CPU-hungry and RAM-hungry process on the same box so all of that machine's resources get used, and can use the same server for a mix of production processes (that might e.g. be latency-sensitive need a dedicated core) and non-production tasks like internal data crunching. For example, a non-production task can run opportunistically when a prod job isn't using its full allocation of RAM, and be preempted if the production tasks need that RAM later or more important tasks come along.
Kubernetes is a ground-up effort to do the same sort of thing in the open. The components are different--etcd instead of Chubby, and of course not using Google's internal container stuff for tasks--but idea's the same.
Glad to hear she is working on Kube now instead of Mesos!
one of the sharper people out there.