[HN Gopher] Docker Desktop no longer free for large companies ___________________________________________________________________ Docker Desktop no longer free for large companies Author : alanwreath Score : 419 points Date : 2021-08-31 15:53 UTC (7 hours ago) (HTM) web link (www.theregister.com) (TXT) w3m dump (www.theregister.com) | princevegeta89 wrote: | Is the docker for Mac fixed yet? Last time I checked there were | issues with disk mounting which really affected performance | coding123 wrote: | As weird as it might seem, Microsoft would probably be the best | company to acquire Docker at this point. | | They could probably turn this around a bit into a free with | Windows, pay for Linux (at the 250 employee level - possibly up | the employee count to 500 though). | orthoxerox wrote: | Nah, they should just build a vscode plugin that makes it easy | to manage docker running inside WSL2. Bam, Docker Desktop is a | beached whale. | hbn wrote: | > free with Windows, pay for Linux | | Isn't Docker Desktop (i.e. the part being sold) just a client | that sets up a Linux VM to run the free part? | [deleted] | antonyh wrote: | I see this as an opportunity to play with Podman. I don't fall | into the category where I'll need to pay, but Docker Desktop has | long been somewhat user-hostile. | | The forced updates I HATE. It's my machine, I get to pick the | version of software it runs. And I've had enough bad updates from | Docker to get jittery when it pushes one on me. | mfer wrote: | Rancher Desktop is an open source container management and | Kubernetes desktop app. | | https://rancherdesktop.io/ | | Disclosure: I work on Rancher Desktop. Feedback welcome. | dwaite wrote: | I'm hitting https://github.com/rancher-sandbox/rancher- | desktop/issues/56... but will look again in the future. | emptysongglass wrote: | You guys (by you guys I mean you and Docker, Inc) would do | yourselves a _huge_ favor not spiting the Linux devs who | invented the technologies you build your tools on. | | Where's the Linux version? Give it to me in Snap, AppImage, | Flatpak, deb, or rpm, whatever you want. Just offer something. | We'll take care of the rest. | mfer wrote: | Thanks for the feedback. A Linux version is in the roadmap | for this fall. I've had several discussions on it in the past | week. | | Part of this was due to priorities and part of it was | technicalities. For example, do we put it in a VM so that way | someone can easily blow things away and we don't touch the | base system? We had to come to some direction on what we | wanted to do there. Now that we have that idea we need to | finish up one thing on Mac that will translate over to Linux. | | The Linux side will be based on Lima[1] just as the Mac side | is. | | Earlier today I had a discussion on the packaging format. | | [1] https://github.com/lima-vm/lima | emptysongglass wrote: | Thanks for the update! It's refreshing to see more turnkey | GUI competitors in this space coming from larger corporate | names. | mikl wrote: | The whole reason this (and Docker Desktop) are used is that | Docker and K8s does not run natively on macOS and Windows. | | If you're using Linux already, most of this stuff is as | useful as nipples on a breastplate. You could theoretically | run an emptied out husk of the app on Linux, but there are | much better tools for working with the tools directly. | | So I'd be greatly surprised if any Linux kernel hackers are | miffed about this. | mfer wrote: | I'm not sure the whole reason for Docker Desktop is that | Docker and K8s don't run natively. I mean, someone could | create a Linux VM and get them running right through there. | The tools exist to do this. | | There are even programs like minikube that can get you | Kubernetes in a VM on Mac. | | There is something else to it that people want and that | translates to Linux, I've learned. They want an easy button | with an easy UX. There are a lot of people who are like | that. | emptysongglass wrote: | Right and when you're a corporation it cannot be | overstated how important it is to coalesce around | universal solutions that get up and out of the way with | as few steps as possible. Handing new developers a | handbook of incantations to get going is very fragile. | Handing those same developers one executable with a big | Go! button is much easier to get right. | | One example from my last job was having one shell.nix in | the root of every project folder a developer could nix | shell into that contained everything they needed, same | version and all, to get going with that project. | 41209 wrote: | It's open source, you could probably port it yourself. | | I somewhat agree with your viewpoint, but given Windows 10 is | generally just Windows 10 , OSX is OSX... But Linux could be | anything from Redhat to Alpine to a raspberry pi , I | understand why devs wouldn't support it | naikrovek wrote: | I installed this and could not get networking going again in | WSL 2 until I uninstalled it. I was sad. | adolph wrote: | Ok, I gave it a try. It's given me two K8s errors before any | meaningful container work can be done. Not going to waste | further time given a first run experience this bad. I'm | interested in investing in my tools, not alpha-testing. | athorax wrote: | Probably shouldn't run tools in alpha status then | [deleted] | thegagne wrote: | Feedback: | | 1. There's very little "getting started" info here, you seem to | assume everyone already runs kube everywhere else and already | has workloads ready to go. | | 2. Not sure if this is feasible, but I'm looking for something | that solves the Docker Desktop problem! I want something that | can port map to a local port for testing, I want something that | I can map a local folder to in order to store job input/output. | | 3. I tried starting it, and I'm already running Docker Desktop. | It didn't seem to start a healthy kube cluster, and actually | did nothing for me but just said it was waiting for the | cluster. It might have been attempting to connect to old Docker | kube clusters that I'm no longer running. Did I just need to | wait longer? It wasn't clear. | kristjansson wrote: | Seems interesting, but the name conflict with | https://rancher.com/ is _very_ confusing. Is Rancher Desktop | associated with the linked company? | mfer wrote: | Rancher Desktop is being build by Rancher (which is now part | of SUSE). | kristjansson wrote: | Thanks - that wasn't obvious from the Rancher Desktop site. | zmmmmm wrote: | Interestingly, I think this may be a boon for kubernetes. | | We've been managing all our infrastructure with docker / compose, | and its been great. But one of the key advantages is unifying the | dev & prod environments. Now lately we've been outgrowing the | docker solution so k8 is on the radar, but one of the things | holding me back is losing the unified prod/dev experience. | | So the question has been, take the hit and suck up all the bugs, | confusion, duplication etc. that come from having these separate, | or move everyone over to k8 and have to deal with the complexity | on the developer side? | | Well, this decision now definitely tips the scales - there's a | distinct advantage to going all in on k8s because we can run it | up and down the stack and not be constantly hassled by licensing | and software restrictions. | smarx007 wrote: | I think HN needs to update their algorithm. If there is a large | number of upvotes and flags, flags should count as votes from | some point on. More people need to see this post and discussion | needs to happen instead of pushing it off the front page in less | than an hour. | Macha wrote: | I think since flags effect on ranking has becoming more known, | there's more people using it as a post downvote, too. | jameshart wrote: | If this isn't front page headline news on HN then something NZ | gone very wrong, agreed. | [deleted] | andrewmcwatters wrote: | Of course it's already obvious how successful Docker is in terms | of consumption, but it's even more clear in this thread how | successful Docker is. | | Look at how many complaints there are, and people still use it. | ben7799 wrote: | We use Docker Desktop for the Mac at work. (Large company) | | Docker for Mac absolutely sucks. If they're going to force | everyone to pay they better start fixing bugs. | | They recently stopped allowing skipping a release unless you pay, | and then promptly shipped a point release with a showstopper bug. | | I literally asked IT for a Linux VM/Cloud machine yesterday for | development because my Mac is dead in the water due to a bug. | It's time efficient to develop on the Mac if it works, but the | overall experience is terrible compared to Linux on the desktop | IMO. | watermelon0 wrote: | In my experience, minikube (hyperkit) performs better than | DockerForMac Kubernetes, if we ignore mounting of macOS folders | to the VM. | sixothree wrote: | Docker for Windows isn't particularly stellar either. For | instance, you have to actually log in to a machine to have a | docker image running. Additionally only one user on a machine | can run the host application at any given time. | | I have no idea how this is popular. | naikrovek wrote: | That isn't the case on Windows Server, and on Windows Desktop | SKUs, having a logged in user is normal and expected. | tunesmith wrote: | Our team uses it too, but we don't even use the UI - it's just | to get the daemon started on startup. Is there a way to do this | easily on the Mac without using Docker Desktop? | dwaite wrote: | you could check something like ubuntu multipass | xtracto wrote: | I got bitten by a Mac bug a couple of months ago: The latest | version of Docker desktop didn't work for something (don't | remember anymore) so I had to revert to a previous version and | work in that for several months now. | SilasX wrote: | >They recently stopped allowing skipping a release unless you | pay, and then promptly shipped a point release with a | showstopper bug. | | Whoa, really? Is this written up somewhere? | | My first "WTF" with docker was in Fall 2015 when we dockerized | our app and had it nicely set up so we could tell employees | "run this command and the app Just Works" ... and then they | introduced a breaking change to the format of docker compose | files so it just mysteriously stopped working in the middle of | the day. | Rebelgecko wrote: | They might be referring to this? | https://github.com/docker/roadmap/issues/183 | SilasX wrote: | Thanks! Great HN discussion about it: | | https://news.ycombinator.com/item?id=26547268 | nagyf wrote: | > They recently stopped allowing skipping a release unless you | pay | | I honestly thought that's a bug. That is so ridiculous if | that's intentional. I agree with your post and have similar | experiences with Docker for Mac | stusmall wrote: | After they introduced that feature I hit a bug where it would | try to force an upgrade to version "null" and then crash. I | ended up having to uninstall and reinstall it to get things | usable again. | steviedotboston wrote: | I have to restart Docker for Mac multiple times a day. I'm | surprised there hasn't been a community driven open source | alternative yet | drocer88 wrote: | Singularity ( https://singularity.hpcng.org/user- | docs/master/introduction.... ) is a platform that lets you | create and run containers. Source is on github : | https://github.com/hpcng/singularity | stusmall wrote: | I recently switched jobs and made sure I wasn't going to get a | mac again just because of Docker Desktop. At my last job, we | had an application that did some very strange things with the | Docker API. It regularly crash or lock up the VM or hit subtle | correctness bugs in networking. | | I get the problem they are trying to solve is extremely | difficult. I don't think I'd do much better trying to | seamlessly ship a very Linux-centric API on Mac and Windows. | They have my sympathy but that doesn't mean I'll use the | product given a choice. | yurishimo wrote: | Yeah, that's probably not gonna happen. At the scale Docker is | operating at now, the reason the Mac app sucks, is because it's | really hard. They already have the resources to throw at this | problem now and this is the product we have. | | This is purely a $$$ move (which is fine) but we shouldn't | expect an order of magnitude more work going into the product | as a result of this move, imo. | devoutsalsa wrote: | If you expect me to pay for it, it better work well enough to | not be a blocker to my critical job path workflow. | vesinisa wrote: | But you're not actually paying for it. Your employer is. | nicce wrote: | They are still looking for their business model, because they | have no money. They have been unprofitable for their whole | existence. | smoldesu wrote: | The Docker experience is (and has been) subopar on MacOS. With | the way Apple Silicon is headed, I don't really have much faith | that the situation is going to get better, and I really wonder | if the Mac client is even a priority for them at this point. | SketchySeaBeast wrote: | I've found Docker Desktop to be equally awful with Windows. | You'd think they'd care about giant swathes of the market like | that. | jandrese wrote: | We de-dockerized our Windows deployments because it was | causing no end of headaches for the end users. | Ansil849 wrote: | > I've found Docker Desktop to be equally awful with Windows. | You'd think they'd care about giant swathes of the market | like that. | | The fact that they don't care, and yet you (or if not you, | others) still use it, succinctly explains why they do not | care. | | If they have a shitty, buggy client for Mac/Windows, and | people complain about it but still use it, then they have no | incentive to care. | sixothree wrote: | I use it only when some required tool is only available via | docker. It is not a choice for us for any of our | development. | SketchySeaBeast wrote: | Actually, I did like jandrese did, and got our solutions | out of docker. | VenTatsu wrote: | It's hard to complain to much about a free product that is | a side line to the companies main business... Oh wait, we | just lost the free version and it's now the companies main | monetization scheme? Well now I care a lot about the little | annoying bugs I've been dealing with for the last 3 years. | matsemann wrote: | Wish they fixed the issue where it uses all available RAM | even when running no containers yet. | SketchySeaBeast wrote: | When running no containers? I've found that it's a problem | when one is running (the solution to that is here[1]), but | I've not experienced it when nothing is running. | | [1] https://blog.simonpeterdebbarma.com/2020-04-memory-and- | wsl/ | dijit wrote: | That's not an issue though. That's just how virtual | machines work. You're carving out a chunk of your system | for the docker Linux VM that runs your containers. | | You can open up the docker app and configure a smaller | amount of ram if it impacts your host OS | sixothree wrote: | That's not how virtual machines work on Windows. Even | Linux virtual machines use dynamic memory. You assign a | minimum, maximum, and a startup value. When the machine | needs more RAM, Windows give it to it. When it releases | it, it's available for other purposes. | matsemann wrote: | No, that's not how it works with WSL2 as the backend. You | then cannot configure a smaller amount of RAM in the | docker app, it's greyed out. One can limit the RAM that | WSL has, but that's not really helpful when docker steals | all of it. (And WSL2 supports dynamic allocation of | memory anyways, so it's supposed to return unused memory | to the host) | | So you are wrong. For those of us affected by the bug, | it's a _big_ issue. | onlywicked wrote: | You can configure the max memory in wsl 2 with .wslconfig | file. | matsemann wrote: | yes, but docker will eat whatever I give to it, leaving | nothing for the actual containers or other stuff in wsl | naikrovek wrote: | Linux considers unused RAM to be wasted RAM. WSL 2 | addresses this with a Linux kernel change that right now | is insiders only. I expect it to land with Windows 11. | nickjj wrote: | I've found it to be really good on Windows 10 Pro, even with | 6 year old hardware. | | I've been using it full time since 2018 and it's been nothing | but really fast and as stable as you can ask for given how | complex of a tool it is. It rarely crashes (maybe once every | few months) and I've built thousands of images across many | different tech stacks. | emptysongglass wrote: | Docker Desktop with developer environments would be a great value | add if it supported Windows, macOS _and_ Linux. As it is, we have | developers in the company using Linux workstations so our Docker | subscription is just for a registry. | | We'll be moving soon given no forthcoming Linux client. | justincormack wrote: | Hi, we have requests for Docker Desktop Linux, please upvote | https://github.com/docker/roadmap/issues/39 and we are looking | at the details of what we need to do to implement this. | emptysongglass wrote: | Thanks for listening, Justin. Looking forward to updates. I | know it must be tough facing a lot of adversity from the | community. I hope you guys continue playing to your | strengths, improve customer support (number 1 in my book) and | continue beefing out your product portfolio so companies like | the one I work for can build healthy relationships with | Docker, Inc. | frant-hartm wrote: | If you are on Linux and using only the open-source bits (that's | what I do) and have subscription for the registry, why would | you be moving anywhere? What does this change bring that I am | missing? As I understand it the change only affects Docker | Desktop, which is for MacOS and Windows. | emptysongglass wrote: | It's not this change in particular, it's that you can get | paid image registries with better customer support at a lower | price point and higher availability. Docker needs to value | add to their bare registry product otherwise they will be | outcompeted by larger companies that can offer registries as | part of a larger product suite. | | Unfortunately, Docker's most valuable addition, developer | environments, is only for two of the three OSes used most | commonly by developers in a corporate environment. No company | is going to adopt a feature that can only be used by two- | thirds of its workforce. | Macha wrote: | I wonder how many people just use docker desktop as a nicely | packaged installer/VM manager? I know I don't use any of the | other included tools, so can't see why I'd use docker desktop | on Linux myself over just install docker from my package | manager (or podman in my case) | [deleted] | moogly wrote: | How do you even install Docker Engine on Windows without WSL2? | Same goes for macOS. | treesknees wrote: | If you're referring to Docker Desktop on Windows, you can use | the Hyper-V backend instead of WSL2. MacOS uses HyperKit API to | spin up a Linux VM to run it. There is no native engine for | Windows or MacOS. | | https://docs.docker.com/desktop/windows/install/ | moogly wrote: | Sure, but I've never seen a non-Docker Desktop installer for | any of the tools like the CLI, Compose etc., and I can't seem | to find one now either. | naikrovek wrote: | https://download.docker.com/win/static/stable/x86_64/ | | Not an installer, and doesn't include docker-compose, but | this is what you're talking about, I think. | | Only supports Windows containers. | physicsguy wrote: | so, when's everyone switching over to Podman? | bionade24 wrote: | When it's actually 100%ly compliant in it's APIs, especially | regarding podman-compose and the socket API. | cpuguy83 wrote: | Podman doesn't do what docker desktop does. They are not the | same thing at all. | raesene9 wrote: | If you want an open source alternative, just use Docker Engine, | it's still open source. | | You can install the docker client inside WSL/OSX and connect | over SSH to a docker CE instance. | toomuchtodo wrote: | If you're doing $10M in ARR, how much engineering time are you | going to spend to switch compared to paying Docker a few | thousand dollars a month? Your spend on cloud and Slack (or | other comms) is likely far higher. You're probably spending | more on mobile/cell business service. | | "Docker attempting to monetize users of its product who can | easily afford the cost." I mean, the terms seems reasonable, | and wouldn't you rather support Docker vs IBM (Redhat->Podman)? | | Nothing changes for users who aren't making money using Docker, | but I suppose you could still spend your time switching to | podman on principal. | jhawk28 wrote: | I'm part of a large company and I have no influence over what | most other people do. My projects within the company are | small so whenever these sorts of things happen, it rarely | translates into the company spending a bunch of money to | provide the product across the company. At best, I may be | able to convince a manager to buy it for 2-10 people on my | team. | [deleted] | toomuchtodo wrote: | Licensing isn't perfect. On the contrary, it is the least | worst implementation of attempting to extract a reasonable | amount of revenue from the user of your software, who is | realizing value creation or benefit themselves from its | use. SaaS is popular because the exchange of value between | producer and consumer (and the ownership and responsibility | model) is much more clear (imho). Open source tooling might | be a better fit based on your org's needs and your use | case. | | Solving for the intersection of building and maintaining | tools people desire and those building said tools eating | and paying rent is hard. | | (no affiliation with docker) | physicsguy wrote: | My tiny part of a _division_ of my last company made $40 | million USD per year in revenue. We had ~40 employees. | Getting the funding for using something like this came from a | few levels up and would be in no way guaranteed. | [deleted] | toomuchtodo wrote: | I admit Docker will likely have to tweak their licensing | model while also building relationships where there is some | wiggle room for how licensing is handled (perhaps accept | credit card payments from corporate users that they can | expense to sidestep procurement). "Call Us For Pricing" | adolph wrote: | At my institution the "adapt open source" vs "buy" | balance is also affected by the high effort of making a | purchase happen. My bet is that things will get hung up | on an exclusive acquisition justification, at which point | the IBM/RHEL sales team will come in with "solution" | using podman, buildah, etc. I've quit DD just now to try | those tools out. | justincormack wrote: | We do accept credit card payments. All our pricing is on | the website https://docker.com/pricing - the Business | plan will be available by credit card soon as well. | robertlagrant wrote: | This seems like a false economy. Docker adds insane value | for us (similar number of tech employees), and while I | don't like price hikes based on things other than value add | features, I certainly want Docker to exist in five years. | Or get bought by Hashicorp, perhaps. | stuff4ben wrote: | I'll preface this by saying I'm an IBM employee. That being | said your comment rubbed me the wrong way... | | > wouldn't you rather support Docker vs IBM (Redhat->Podman)? | | Podman is an open source product and Docker is not. I'd much | rather support an open source project. And what's wrong with | "supporting" IBM anyways? Did they hurt you in some way??? | nonameiguess wrote: | Docker Desktop is not open source, but the Docker container | engine is. Also, runc, which is the actual container | runtime, is not only open source, but was created by docker | but is also what gets used by podman. podman is very nearly | just a fork with the daemon and socket removed, which would | not have been possible if docker hadn't been open source. | syshum wrote: | Docker is not really a product, Docker is a company with in | that there are several products, some are open source some | are not. | | The Docker Engine is Apache License and open source. | chucksta wrote: | Many people in many ways | toomuchtodo wrote: | > And what's wrong with "supporting" IBM anyways? Did they | hurt you in some way??? | | They are a dysfunctional consultancy masquerading as a | technology firm, running on inertia. They are not to be | supported. (Also, my genuine condolences) | | https://news.ycombinator.com/item?id=24228972 | | https://news.ycombinator.com/item?id=26532125 | | https://news.ycombinator.com/item?id=26869877 | | https://news.ycombinator.com/item?id=22224782 | | https://news.ycombinator.com/item?id=23268191 | | https://news.ycombinator.com/item?id=27706128 | | https://news.ycombinator.com/item?id=24471903 | stuff4ben wrote: | FWIW, we've divested/spun off the "consultancy" part. And | not every part of IBM is bad, there are a ton of great | developers and teams that work here, no condolences | needed. I quite enjoy doing what I do here. Lots of | innovation in multiple areas, but I guess if you have to | drink the startup koolaid prevalent here on HN, be my | guest. | toomuchtodo wrote: | I'm not at a startup nor drink the koolaid [1]. I am a | consultant, so I get to see how the sausage is made | across a wide variety of orgs. In my long tenure in tech | (20+ years), I have arrived at evangelizing and | encouraging engineering first and data driven | organizations; in my experience, that provides the best | environment for technologists to have autonomy, while | pursuing mastery and purpose (which, hopefully, enables | some amount of fulfillment alongside financial | compensation). IBM is not such an org, hence my | comment(s), but there are startups, enterprises, and a | fat middle of SMB businesses that truly are innovative | and can demonstrate results to back up that description | of themselves. | | TLDR I want the best experience for my fellow | technologists and engineers. | | [1] https://news.ycombinator.com/item?id=28181703 | stuff4ben wrote: | Looks like you've had problems with IBM consultants, I'll | grant you that, but I don't dabble in that side of the | business. In my 20+ years of professional experience I | have seen it all when it comes to software development | and IT service management. From small startup shops | barely knowing how to manage Java dependencies, to | ecommerce shops doing millions of dollars a day in sales, | to large enterprises being among the first adopters of | Kubernetes. To lump all of one company into a single | disparaging statement is disingenuous. | | TLDR; your comment is stupid. | n42 wrote: | as soon as a viable alternative to Docker Desktop for Mac | exists I am done with this company forever (and they seem to be | anticipating that) | handrous wrote: | I've used Docker for years and never touched Desktop. What's | indispensable about it? | saxonww wrote: | It's not great, at all. But at least on Mac it's a lot | easier to get going with Docker for Mac than it is to roll | your own with e.g. VirtualBox. I assume it's the same on | Windows. | handrous wrote: | I just use whatever `brew install docker` gives me. They | don't call _that_ Docker Desktop, right? I thought that | was some kind of GUI thing of theirs--I do all my | dockering from the command line, which looks the same | across Mac and Linux except when (rarely, these days) the | virtualization the Mac implementation uses leaks through. | saxonww wrote: | The key is the virtualization. I think (!) with `brew | install docker` you've got to set up a VM and get Docker | running inside it, yourself. Docker Desktop for Mac does | that, and implements filesystem and networking | integration for you. | | Most people like the convenience of that, if not the | performance or (now) the cost. | handrous wrote: | Closest I've come to having to manually set up anything | with a simple `brew install docker` making sure my shell | sets the env vars correctly. It automatically sets up the | VM, and has since I started using it years ago. | | (but, it's possible that what I'm using is _also_ | considered Docker Desktop--I just associated that term | with their GUI thingy [and I think it includes some kind | of sys tray widget?], which I 've never used) | | [EDIT] oh no you're kinda right, I think I recall having | to run one command, post-install, on older versions, to | set up the VM, though I don't think you still have to | _and_ that was all still handled for you, you just had to | _tell it_ to do it. `docker-machine create default` or | something like that, was enough for 99% of use cases. Don | 't have to even do that, now, though, IIRC. | mdaniel wrote: | Honest question: what features of DfM are you using and what | alternatives have you tried that don't work for you? | justinholmes wrote: | Just use multipass https://multipass.run and folder mount. | rcarmo wrote: | This. This is what I do (except I use VS Code to remote to | the Multipass VM) | stuff4ben wrote: | why do you need the Docker Desktop? Can't you just use the | command line? I mostly use Docker on Linux and even then I've | almost switched everything over to Podman. | ianburrell wrote: | The Docker CLI can't do anything without the Docker daemon. | Daemon (and containers) only runs on Linux. On Mac, it | needs to run inside a Linux VM. | | Before Docker Desktop, would need to create VM with Docker | and connect to that. Docker Desktop makes that smooth and | wraps in nice UI. | detaro wrote: | Curious to see what that means for Windows containers. Microsoft | is heavily recommending Docker there, but asking people to | license another thing from a third party just to be able to use a | feature on their expensive Windows licenses seems somewhat on the | nose for them to push. | jrsj wrote: | Maybe this is just a play to get Microsoft to acquire Docker | lol | mleonhard wrote: | > There's a standards conversion going on where we can trace the | provenance of each and every layer of the image, we can start | signing those layers, and with that metadata, we can start doing | automated decisioning, automated reporting, automated visibility | into what's been done to that image at each step of the | lifecycle. | | Docker's CEO is being disingenuous. When you deploy a Docker | container, you specify the image ID. The ID looks like a SHA-256 | digest and even starts with the string 'sha256' but it is an | arbitrary value generated by the docker daemon on the local | machine. The ID is not a hash of the image contents [0, 1]. In | other words, docker images are not content-addressed. | | Since docker images are not content-addressed, your image | registry and image transfer tools can subvert the security of | your production systems. The fix is straightforward: make an | image ID be the SHA-256 digest of the image contents, which is | the same everywhere: on your build system, image registry, test | system, and production hosts. This fix will increase supply chain | security for all Docker users. It is massive low-hanging fruit. | | Now Docker will add image signatures without first making images | content-addressed. Their decision makes sense only if their goal | is to make money and not make a secure product. I cannot trust a | company with such priorities. | | [0] | https://github.com/moby/moby/issues/39247#issuecomment-49697... | | [1] https://github.com/distribution/distribution/issues/1662 | | EDIT: Added another link. | voxic11 wrote: | You seem to be mixing up image ids which are not content | addressed and image digests which are. | bspammer wrote: | Images not being content addressed is very surprising to me. I | just always assumed they were because... why would they not be? | I bet a large proportion of other devs assumed the same. | voxic11 wrote: | They are if you use the digest rather than the id. | glutamate wrote: | If Docker wants to grow up, maybe they could start with replying | to support tickets from paying customers. I have a 10 day old | open ticket with no reply. | emptysongglass wrote: | This has also been our experience with the company. | justincormack wrote: | Hey sorry about that, can you send me the ticket details justin | @ docker.com and I can look into it. | mikestew wrote: | So, like many companies, successful support consists of | yelping at the appropriate public forum, be it Twitter or in | this case, HN. Anything the public doesn't see: "due to | unexpected call volume, you'll wait at least ten days before | hearing from anyone". All the while the company forgets that | the complaining customer isn't the only one reading. The rest | of us are reading a live account of what company's customer | support looks like. | adolph wrote: | _Policy success is directly dependent on how we handle | requests for exception. Granting exceptions undermines | people's sense of fairness, and sets a precedent precedent | that undermines future policy. In environments where | exceptions become normalized, leaders often find that issuing | writs of exception--for policies they themselves have | designed--starts to swallow up much of their time. | Organizations spending significant time on exceptions are | experiencing exception debt. The escape is to stop working | the exceptions, and instead work the policy._ | | Larson, Will. An Elegant Puzzle: Systems of Engineering | Management (p. 122). Stripe Press. Kindle Edition. | myko wrote: | Thanks for posting, ordered a copy just now | adolph wrote: | Another point of genius is right after the above section | on exception debt. | | _It was in that era of my career that I came to view | management as, at its core, a moral profession. We have | the opportunity to create an environment for those around | us to be their best, in fair surroundings. For me, that's | both an opportunity and an obligation for managers, and | saying no in that room with my manager and CTO was, in | part, my decision to hold the line on what's right._ | | Larson, Will. An Elegant Puzzle: Systems of Engineering | Management (p. 123). Stripe Press. Kindle Edition. | [deleted] | resizeitplz wrote: | Fwiw, while there probably isn't a _good_ public relations | response here ... N=1, when I see a company publicly managing | escalation via public shaming, it inclines me to steer | purchasing decisions away from them in the future. | gorjusborg wrote: | My thought as well. | | If I have to tweet-storm to get someone to look at my | support ticket, there is no real support. | mongol wrote: | It should not have to work like this. | indemnity wrote: | Agree 100%. I don't want to have to resort to Twitter or HN | to get a ticket worked. Fuck that, hire some staff, work on | your enterprise support. | temp_praneshp wrote: | > hire some staff | | And that's why they are scaling back on free plans. | glutamate wrote: | I have a better idea. How about you look at EVERY open | ticket, starting with those from paying customers? | | EDIT: Wow, they actually did this and got back to me - thank | you! | asddubs wrote: | if they're smart they just looked at all the 10 day old | tickets | ghostpepper wrote: | maybe 10 +/-1 for time zones | raman162 wrote: | It's shameful that this product was once free is now going to be | charged, even if it's only for larger businesses. | | I wonder how sustainable it is for docker to be like other open | source entities and rely on consistent donations from major | corporations to rely on income. | | I also wonder if this will impede on docker adoption in the | coming months. I guess time is the only one that can tell | andrewmcwatters wrote: | Shameful? What's shameful about it? Software entitlement is | outrageous. It's the only field where people expect | professionals to keep doling out labor for free and then | complain about the free stuff. | | If it isn't already abundantly clear to you: free software | isn't sustainable. It's built on the backs of people who | provide it for whatever reason they choose. | | This be a beggar so I can continue to have free stuff mentality | has got to go. | raman162 wrote: | Shameful may have been a harsh word , disappointing is more | appropriate. | | The disappointing part is that a product that was once free | and distributed in abundance is now requiring licensing | starting immediately for small businesses. There is a | transition gap but the policy is effective starting today. | There were no added features of value, it was just a random | change of price from nothing to something. | | I think the new enterprise features that they are boasting | about which is probably where they would end up making most | of their money could have been suffice as this new policy is | going to be difficult for them to enforce. | | I'm sure docker desktop originally being free contributed to | them being this popular. It made using containers for | development super easy on windows and Mac. | | Now that they have the huge user base, they're in a good | position to dictate terms in their favour whether we like it | or not. | andrewmcwatters wrote: | The only thing you're saying here is that you don't | recognize its value and you don't want to pay for it. No, | wait, you don't want _businesses_ --fully capable | organizations who can pay--to pay for it. | | You should be ashamed. | | There's nothing random about it. A tech business is finally | realizing giving products away for free isn't a business. | What a surprise. | | > Now that they have the huge user base, they're in a good | position to dictate terms in their favour whether we like | it or not. | | No one is forcing you to use docker. Grow up. | | Better yet, you try building a product, giving it away to | choosing beggar developers, and figure out how to run a | business where you pay six-figure engineering salaries to | qualified employees off the cash flow of "donations." What | a joke. | CyanLite2 wrote: | Surprised no one like Microsoft has stepped in to buy Docker out- | right. | jbverschoor wrote: | What a strange sentence.. As if "Docker" is some third party. | They're referring to themselves in the 3rd person. | | Be warned | hbn wrote: | Meh, it's just for the headline. If someone shared the article | and the title is scraped, "we're" isn't as self-explanatory and | required you to look at the URL for context. | | The article itself uses "we" | sekathlon wrote: | they just have to delete the word "our" in the headline and | all would be fine. this is just weird. | Proven wrote: | It's not. | erikkri wrote: | This seems like a relevant link: | https://medium.com/crowdbotics/a-complete-one-by-one-guide-t... | berdon wrote: | This is likely the most realistic path forward for most | developers using MBPs. | benjaminwootton wrote: | Docker have never done the one obvious thing to monetise - an | upsell and enterprise support for the engine. | | Trying to be a poor mans pivotal was a stupid strategy, and | developer tools is awkward too. | | I'm convinced if they charged $10 per engine per month they would | have kept all of the goodwill and momentum and been the next | VMWare. | V99 wrote: | They tried that ("Docker Enterprise Edition") years ago, with | some minor differentiation on features only available in EE... | but for $62-300/node/month. This is now the part Mirantis owns, | current Docker is the developer-focused side. | | https://www.docker.com/blog/docker-enterprise-edition/ | | https://web.archive.org/web/20171118161452/https://www.docke... | dharmab wrote: | Note that Docker Desktop and Docker Engine are separate products. | Docker Desktop is the desktop application package that makes | Docker user-friendly on macOS and Windows. Docker Engine, the | container runtime itself, remains free: | | > No changes to Docker Engine or any upstream open source Docker | or Moby project. | | If you develop on Linux, no changes are needed. | alanwreath wrote: | Not a trivial thing to run Docker natively inside of a WSL2 | environment - at least my attempts to install straight docker | strictly inside Ubuntu running in WSL2 always resulted in | Ubuntu's attempts to reach some .exe with regard to Docker. I | did learn some fun facts WRT Linux in WSL2 - it doesn't have | systemd installed by default. | spooneybarger wrote: | I've never had a problem with it. I've been using docker | engine in WSL2 for a couple years. | | I install `docker.io` via apt and its good to go except that | package has on some ubuntu versions been missing the | /etc/init.d/ startup script. | | I build my WSL2 environments via Dockerfile. You can see | everything here: | | https://github.com/SeanTAllen/wsl- | environments/tree/main/ubu... | | Using that dockerfile I can then export the file system as a | tar (https://wiki.seantallen.com/notes/docker-export- | filesystem/) and import into wsl using the wsl import | command. | naikrovek wrote: | well the installation process seems to have changed in the | last 2 years. installing `docker.io` is _not_ enough to get | docker running in WSL 2 anymore. | arsfeld wrote: | How would that work if you're using WSL? Docker for Desktop | uses WSL but creates it's own separate VM (if you can call it a | VM). | | Would I be able to install and run Docker inside Ubuntu's WSL | distro to avoid paying for Docker for Desktop? | easton wrote: | Yes, but you'd have to connect the Docker CLI running in | Windows to the engine inside Ubuntu (not hard), and then you | wouldn't be able to mount stuff in Windows into Docker | containers via relative paths (you'd have to start them with | /mnt/c/...). If neither of those things matter for you (like | if all of your project code is inside your WSL VM), then it's | totally fine. | JoyrexJ9 wrote: | I do all my work under WSL, and run Docker engine in WSL and | it works perfectly. 100% headless. | | I may have had to expose the Docker socket for VS Code | containers support to work, but that wasn't any pain, and | secured with TLS. | | Never needed Docker Desktop, which seemed like a bloated | mess. | dharmab wrote: | You could configure Docker Engine in Ubuntu to expose a | network socket, and configure Docker CLI in Windows WSL to | use that network socket: | https://wiki.archlinux.org/title/Docker#Daemon_socket | maple3142 wrote: | Enable WSL2, then you can just install the docker provided by | your distro package manager. For example, I am using docker | packaed by Arch Linux, and it works as expected. | | If you need to use `docker` command under Powershell, maybe | exposing docker socket to Windows host would probably work. I | didn't try it as I don't need it. | raesene9 wrote: | You can connect to a remote Docker engine instance over SSH, | which is easier to setup than exposing the Docker socket over | a TCP port. | | So install the client inside WSL and the engine on a Linux | VM. | | EDIT: | https://raesene.github.io/blog/2018/11/11/Docker-18-09-SSH/ | was a blog I wrote when that feature landed, AFAIK it works | the same way now :) | Macha wrote: | Or just use it inside WSL2, which already is a Linux VM? | raesene9 wrote: | I've never actually tried installing Docker engine in | WSL2... might work I guess :) | mishafb wrote: | You probably can, there's nothing about containers that | shouldn't work on WSL2 | peytoncasper wrote: | There reality of this is that Docker is setting themselves up as | an enterprise software business. Like the one they spun out a | short while ago. | | You as a developer won't be involved with purchasing Docker | subscriptions. Instead they'll have sales teams that approach | your IT department who will pay for support reasons and pre | install Docker Desktop on all company hardware. | | That's why this is only focused at larger companies. This gives | IT departments someone to call when a developer reports a | problem. | krzyk wrote: | I'm a bit puzzled what costs and what not, as it is a first time | I see "Docker Desktop" name. | | I use docker on linux, mainly executing "docker build", "docker | run", etc. | | Does it still cost if I do it in a 1k+ company during work? | treesknees wrote: | Docker Desktop is the only way to run Docker "natively" on | Windows and MacOS (I say "natively" because it's really using a | linux VM behind the scenes.) | | So if you're on Linux, nothing has changed (yet). | vlunkr wrote: | The article says there are no changes to the command line tool. | This is the first time I'm hearing of Docker Desktop as well. | db3pt0 wrote: | Looking at the installation instructions for Docker on | Mac/Windows, what is the expected way to install the Docker | Engine without installing the Desktop bundle? | | From https://docs.docker.com/engine/install/binaries/#install- | cli... | | > The macOS binary includes the Docker client only. It does not | include the dockerd daemon. | kristjansson wrote: | Docker Engine only runs on Linux. | | Docker for Mac/Windows sets up a Linux VM using macOS/Windows | native virtualization via the open-source HyperKit/VPNKit | abstractions maintained by Docker-the-Company and the | community. That VM runs Docker Enginer (dockerd) and all | interaction (docker CLI commands, shared volumes, networking, | etc.) are proxied into that VM. | OldTimeCoffee wrote: | So unless I'm missing something important, why not just use | docker engine directly on a wsl2 instance? | kristjansson wrote: | I'm not a Windows user but AIUI just running dockerd in | WSL2 misses some of the volume sharing and networking | niceties. Nothing that couldn't be replicated though | mongol wrote: | Is that working? Does wsl2 provide more than a shell? | singingboyo wrote: | Last I recall, docker desktop on windows explicitly | recommended WSL2 over Hyper-V or whatever based setups. | dharmab wrote: | WSL2 uses a full Linux VM running under HyperV. | devoutsalsa wrote: | WSL2 can get weird when you start trying to install | software with low level virtualization and file system | features. YMMV. I'd use it to install apps, but I | wouldn't be confident it'd work with Docker. Even if it | did initially work, eventually you'll hit a problem for | which there is no googleable answer & good luck with | that. | amaranth wrote: | Docker Desktop installs dockerd in a WSL2 instance these | days instead of using VirtualBox so I'd assume it works | pretty well now. | w7 wrote: | Current Docker on Windows detects if you have WSL2 or | not, and gives you the option of just installing docker | in WSL2 + configuring the Windows docker tools to | manipulate the docker daemon running in WSL2. | Ajedi32 wrote: | Yeah, that's the biggest issue; right now Docker Desktop is the | only supported way of installing Docker on Windows: | https://docs.docker.com/engine/install/#supported-platforms | That's literally the only reason I use it. | | There's probably a fairly simple way to run Docker directly in | WSL, but a lot of documentation is going to need to be updated | to point to that method. | ericpp wrote: | A better strategy to me would've been to keep it free and tightly | integrate it with Docker Hub to push people towards Docker Hub | services. This software is already installed on most Windows | computers that need to use Docker and provides a perfect | opportunity to promote Docker Hub and any of their other | services. | nickjj wrote: | For everyone who is against this change, can you please write up | why? | | For a ton of small companies (anyone making $10 million or less | per year) nothing is going to change and DD is still free to use. | | If you're at a big organization with let's say 200 developers | chances are your company makes hundreds of millions of dollars a | year. Even Docker's most expensive business plan would cost you | 200 * $21 = $4,200 month. | | Payroll for your 200 developers will likely be over 3 million | dollars a month. How can you be upset with paying 4k a month? | That's almost nothing relative to other expenses. | | Realistically I'm surprised Docker is charging so little for | their business plan. Making 4k on 200 developers at a 300 | million+ company is not asking a lot. | 0x500x79 wrote: | I don't get enough out of docker desktop for mac to be worth | the 21 dollars a month, personally. It manages a VM and the | port mappings/exposure of docker sockets on my behalf. That is | something that can be replaced fairly easily and not cost me | 5-20 dollars a month. | | This on top of some of the decisions in the past year like | removing the ability to opt out of updates, and the issues that | pop up when I don't expect it (crashes, file systems, etc) I am | more inclined to find other solutions. | dwaite wrote: | Because we use containers to share images outside our | organization. This reduces the accessibility and thus the value | of the entire Docker ecosystem. | zmmmmm wrote: | you jumped from $10m revenue to a 200 developer company with | payroll of $3m month in your example. | | There are tiny companies with $10m revenue (remember, revenue | isn't margin and certainly isn't profit). A company could | easily have non-employment expenses be 90% of its revenue, so | we are talking about $1m or 7-8 person company there on decent | salaries. A far cry from the 200 devs you give as an example. | | However as to "why" - because docker's precise value | proposition is its ubiquity and universality. The exact reason | people have adopted it is because everyone can run it, no | matter who, no matter where. So this compromises the _main_ | value proposition of Docker. People will now find alternatives | because if I can 't distribute my application using docker and | know the person at the other end can run it (because now they | need a license that they don't have) then it lost virtually its | whole point to me. | nickjj wrote: | > A company could easily have non-employment expenses be 90% | of its revenue, so we are talking about $1m or 7-8 person | company there on decent salaries | | Can you give a few real world examples where a $10 million / | year revenue company with 7 employees would have difficulty | paying $147 a month (or $49 if they went for the $7 / month | instead)? With the $7 / month plan (if you only care about | DD), the entire annual cost for all 7 devs is less than | hiring 1 developer for 1 day at a normal US dev salary. | zmmmmm wrote: | Ok, so you're asking about a different point, now, the | difficulty of paying. In that case the difficulties arise | because of corporate gatekeepers, licensing stewards and | general policies governing software licensing. Typically my | organisation would not approve this sort of purchase | without a business case and justification - not least | because we are a not-for-profit and any money not going to | our cause is scrutinised heavily (the thing donors | absolutely hate the most is the idea their money doesn't | get to the cause they donated to and instead goes into | sinkhole of funding commerical company's bottom lines). | | Obviously one payment is not too big but as soon as the | policy allows one it allows all such things so its | effectively opening the gate to all kinds of micro-payments | that quickly build up and become entrenched as "essential". | | Here's a similar analogy ... does your company pay for your | parking? Why not, its small compared to your salary right? | and it definitely helps you get to work, be more efficient | etc? Well its not just about the parking its because that | represents a _class of purchase_ that if allowed would tilt | the scale towards a massive number of similar types of | expenses. So in fact most places will have blanked policies | disallowing small purchases. | | Another question: since the price for Docker Desktop | already got arbitrarily changed with no notice, why would | you believe that it won't go up in the future? Or get more | restrictive in other ways? Once a company executes bad | faith one time, continued manifestations of that have to be | considered as a risk. | nickjj wrote: | With Docker, even if 1 dev spent 2 days coming up with a | perfect solution that would allow all 7 devs to move away | from DD without wasting 1 second of productivity you're | still losing out vs sticking with DD at their new annual | rates. To me that's a very strong business case. | | > Another question: since the price for Docker Desktop | already got arbitrarily changed with no notice, why would | you believe that it won't go up in the future? | | Personally, I'll worry about a future notice when it | happens. A meteor could wipe out all of humanity tomorrow | but I try not to think of "what ifs". | mgarciaisaia wrote: | I'm part of a company that doesn't need to change a thing | because of this. | | I want to move out of Docker services because of the "The new | terms take effect on August 31, 2021" part of the email I've | just received, even if it's followed by a "with a grace period | until January 31, 2022". | | I'm OK with them trying to get money. I'm not OK with them | changing things overnight. | darkarmani wrote: | Extortion. They built an entire community of docker users and | then this. it's one thing if we all knew they were oracle. It's | another thing for them to turn into Oracle after capturing | mindshare. | kcb wrote: | Because procurement processes suck and developers don't want to | deal with them. When it's something from Microsoft, Google, | Amazon, it's not a problem because those deals are handled at a | level that developers don't interact much with and are | ingrained as business critical. There's no way we're going to | have a contract with Docker by January so I fully expect a | "Please uninstall Docker Desktop" email long before that. | nickjj wrote: | What if you asked the person who would write that email to | instead ask Docker if they can extend the grace period for | you until you can get a contract set up? | | Since it's unclear if / how Docker can enforce their TOS I'm | guessing they would be happy to extend it because the other | avenues lead to you not using DD or using it without paying. | Closi wrote: | > What if you asked the person who would write that email | to instead ask Docker if they can extend the grace period | for you until you can get a contract set up? | | I think OP's principle is that it will probably just be | easier to switch tools than to push the $42k annual spend | through the organisational mud to get it approved | (depending on how muddy the mud is). | | This is particularly true for a single developer that wants | to start using docker desktop, if the rest of the org isn't | already using it. | Shank wrote: | "Large" is a bit of an interesting statement. Companies with $10m | in revenue are very common, and are often smaller companies. | Software is all about leverage. A very small team can create a | lot of leverage with the right tools to make a very strong | product and get to $10m ARR without necessarily having many | people. | | It seems like the real cost to this change is the goodwill from | smaller companies + teams that are now realizing they'll have | another expense dropped on them. Except the expense is a | previously free product with no real improvements, at least from | what I can tell. | 0xdeadbeefbabe wrote: | Linux containers ought to update and extend their product | subscriptions too. | raesene9 wrote: | It'll be interesting to see how well this works out for Docker, I | have a feeling they'll lose quite a bit of custom but convert | some to this model. | | I'd guess a lot of people will just use Docker engine on a Linux | VM with the CLI on Windows/Mac as that'll work just fine and is | open source. | | This was kind of inevitable though, ultimately Docker had to find | a revenue stream somewhere. Docker Hub must be massively | expensive to run and developing docker's product isn't free | either... | syshum wrote: | There has been a huge push in the community to switch away from | docker anyway. The warning signs from the company have been | there for awhile and there are several container engine's, | systems, UI's and other management tools not built on docker. | | This will accelerate those programs | awestroke wrote: | Can you link me to a single of those alternatives? It must be | equally easy to use | staysafeanon wrote: | Podman: https://podman.io/ | etxm wrote: | Honest question: Besides IT endpoint management, why does our | industry continue to develop software that is leaning more and | more towards containerization on Mac OS? | | I've been a Mac user for 20 years and do a lot of docker and | Kubernetes work. I recently started developing on a Linux machine | that was a fourth of the price and a lot less burden for my day- | to-day work. | 0x500x79 wrote: | I mean, your "Besides IT endpoint management" comment is the | primary reason that most of the jobs that I have worked at | won't let me get a linux machine. | flemhans wrote: | Received an unsolicited mail from them outlining the new terms, | with no way to unsubscribe. | paxys wrote: | Their product and pricing page is extremely vague and full of | dark patters, and doesn't really describe what "Docker Desktop" | even is. Can I use the CLI without downloading Docker Desktop? | Can I launch the daemon and interact with it via the API? | alanwreath wrote: | Companies with more than 250 employees or $10 million USD in | annual revenue must pay a monthly subscription to adhere to the | new terms of service. | rkachowski wrote: | Additionally this change is effective starting August 31st 2021 - | i.e. now. | justincormack wrote: | (CTO of Docker here) there is a grace period until 31 January | next year, we understand that this is a change and people need | time to sort out payment. | jen20 wrote: | ... isn't it effective January 31st then? | justincormack wrote: | Sorry it is a bit confusing, the overall terms and | conditions update is as of now, but the part about paying | has a grace period but obviously we want people to know now | what will apply. The terms are not very different from | previous terms (although I did get the old no benchmarking | clause removed, I don't know why we had that there). | hyperpape wrote: | > I did get the old no benchmarking clause removed, I | don't know why we had that there | | Your company is probably not going to fare well in this | thread, but thanks for this! No benchmarking clauses are | gross. Glad to see someone with the means to remove one | do so. | antonyh wrote: | I would guess it's to do with the abysmal performance | before WSL2. | birdman3131 wrote: | It sounds to me like if you start now you have to pay if | large enough of a company but if you are already a | "customer" you have till january. | [deleted] | BitterAmethyst wrote: | Curious how bound I'd be to these terms if I just don't | upgrade Docker Desktop. I'm not even signed in to dockerhub | and most of our containers are on an Azure private registry. | reustle wrote: | > and people need time to sort out payment | | Or their removal of Docker | adolph wrote: | I wonder how much Docker is paying Synk.io for 200/mo _Local | vulnerability scans with Snyk_? | kcb wrote: | Overall if they want to charge for their product that's fine. I | just hate the model of release free or really permissible | application, wait for widespread adoption, then tighten clamp. | For what it's worth they've lost my business there. | codyogden wrote: | I want to coin it as "embrace, extend, extort." | benbristow wrote: | Same with Telerik Fiddler recently. Good piece of software | for debugging network requests on Windows. | | Was free for as long as I've known it existed. Telerik | recently bought by 'Progress' (ironic), software re-written | in Electron and now charges a subscription to use it. | | Glad HTTP Toolkit is now available free for 'hobbyist' tasks | - https://httptoolkit.tech/ | pimterry wrote: | I'm the author of HTTP Toolkit! Just ran into this by | chance, glad you like it :-D | | I should mention here: not only is the core product all | free, it's also completely open source, even including the | paid bits (https://github.com/httptoolkit). And those Pro | features are completely free for all contributors to the | project. | | I've tried to set it up so I couldn't run off with it and | force everybody to start paying even if I wanted to, but | any suggestions for further improvements there very | welcome. | cyral wrote: | Very accurate for a lot of companies like this lately. | Consider it coined. | [deleted] | pjmlp wrote: | Nah, newer generations rediscovering the concept of | shareware and trial/demo versions. | kcb wrote: | Not really. Shareware, Trials, Demos all come with the | expectation that if you want to utilize them fully you | will eventually need to pay. | Rexxar wrote: | The (big) difference is honesty. You know you should pay | at some point in future if you use shareware/trial/demo | and find it useful. | eikenberry wrote: | Docker desktop was never really free, as in free software, was | it? If so, then it was always a proprietary app and they were | always in control. IE. the clamp was always tight. | chrisseaton wrote: | It was free of charge. | eikenberry wrote: | Which is why being free of charge isn't really the point of | free software. | chrisseaton wrote: | But not everyone cares about 'libre' software, or thinks | the simple descriptive term 'free' should be co-opted in | discussions like you are. | pjmlp wrote: | It used to be called shareware. | rad_gruchalski wrote: | So is Docker going to now maintain all the base images themselves | or do they rely on the community to provide those for free? | | Also, announced on 31.08, effective 31.08 (albeit grace | period...) | 0x500x79 wrote: | Unless I am missing something this is pretty huge. Every company | I have worked at that has issued MacBooks has had development | environment instructions which outline using docker desktop | (since it is the simplest solution). Given this headline every | one of those companies would have needed to get licensing for | that. | | As others have stated: I am okay with attempting to monetize your | work, but increasing prices like this (especially from free to a | pretty pricey per-head subscription model) doesn't sit well with | me. There doesn't seem to be much differentiation between the | tier besides: "How many employees/revenue you have" and that is | not my favorite line of charging. | | Does this relate at all to the forced upgrades that were pushed | earlier this year? | techthumb wrote: | I've been using Minikube's docker-engine and haven't missed | DockerForMac for some time now. | | Minikube sets up a Linux VM using MacOS Hypervisor. | | It even has a convenience command to configure docker-cli/docker- | client. $ minikube docker-env export | DOCKER_TLS_VERIFY="1" export | DOCKER_HOST="tcp://192.168.65.11:2376" export | DOCKER_CERT_PATH="/Users/wibble/.minikube/certs" export | MINIKUBE_ACTIVE_DOCKERD="minikube" | | For corporate situations where MITM proxies are used, you can | inject/trust custom CAs using $ minikube start | --embed-certs | | https://minikube.sigs.k8s.io/docs/handbook/untrusted_certs/ | deusex_ wrote: | But what minikube backend are you using for this? The preferred | one is Docker and all the others are also paid on Mac. | techthumb wrote: | I am using "hyperkit" | | Available options: --driver='': Driver is one | of: virtualbox, parallels, vmwarefusion, hyperkit, vmware, | docker, ssh (defaults to auto-detect) | TheDong wrote: | > all the others are also paid on Mac | | Hyperkit is open source software that works on macOS. | | https://minikube.sigs.k8s.io/docs/drivers/hyperkit/ | | Virtualbox is also a free (as in beer, and mostly libre) | driver that works on all of windows/linux/macOS | vesinisa wrote: | Wait, so you're running your app on virtualized Linux | inside Docker inside Linux inside Virtualbox inside native | MacOS? | Spivak wrote: | That's how it has to work when there's a kernel mismatch | from host to guest. You're implying more layers than | there actually are. | | - MacOS running a hypervisor | | - A Linux VM with Docker installed. | | - A Linux container running on that VMs kernel. | | Containers on Linux aren't virtualized (normally, you | could use runV I suppose if you wanted). The only | overhead is the extra disk space to extract the root fs | of the container image and the namespacing. | _joel wrote: | It's spinning pinwheels all the way down | TheDong wrote: | That's a reductive way to phrase it, but more or less | yes. | | It's arguable if the container is "virtualized linux" as | they all share a single linux kernel. In reality there's | one virtual machine, one linux kernel, and many linux | userspaces (one per container), which is kinda the whole | point of containers. | | Over docker+linux, the virtual machine is the only | additional layer. | | fwiw, I personally don't use macOS, so I've only got | virtualized linux (containers) run by docker running on | linux running on my hardware. | | Are you trying to make a point or something here? Like, | yes, we've built layers of abstraction that include | different types of virtualization (VMs and containers), | and they compose. Is that all you're observing? | vesinisa wrote: | > Are you trying to make a point or something here? | | Nah, just curious/intrigued by how these stack. | | OS-level virtualization is very much a thing. I'd be | interesting to compare this to the approach taken by | Docker Dekstop for Mac. I bet they do something quite | similar (hypervisor-based virtualization like Virtualbox) | - nothing fancy like WSL1 that I believe runs a sort of | "tortured" Linux kernel _inside_ the NT kernel. | simiones wrote: | WSL1 didn't run a Linux kernel at all - it was | implementing the Linux user-space API over the Windows NT | kernel. Well, some of it - not enough to run Docker, for | example. | | Docker on Windows and Mac does the same as what is | described above - it runs a Linux VM and runs the docker | server inside that, and then does a little magic to | expose native OS paths and so on to that VM. On Windows, | it uses WSL2 by default now, but WSL2 is also a Hyper-V | VM in the end, with some Windows magic to blend it more | nicely in Windows workflows. | truffdog wrote: | Hyperkit is docker for mac's backend though, so... whatever | bugs that upset people are probably still present. | tensor wrote: | Beware of VirtualBox. While part of it is free, it's not | very useful without the extension package. This package is | easy to download on the same website as VirtualBox, but... | it's not free. | | Even better Oracle tracks the ips that download this | extension and after a suitable amount of time they will | come knocking on your company's door asking for an | insulting amount of money (e.g. more expensive than VMware) | or get sued. You need to read the fine print of the | additional Eula printed in really small letters on the | VirtualBox website to figure out the extension isn't free. | It's almost a honeypot tactic. Scummy. | folmar wrote: | I don't know how Macs fare, but on Linux the extension | package is not really a great feat, mostly adds RDP and | some faster USB modes, but USB passthrough is marginal at | most anyway. | jackcviers3 wrote: | Before Docker Desktop there existed a solution called docker | toolkit that worked exactly like this. The only problem is that | occasionally internal corporate networks will use the same ip | address and you have to customize that by building your own | docker engine. | qeternity wrote: | So many people in this thread don't understand how enterprise | decisions get made. | | The business license costs $21/month, probably less in reality. | | Do you really think that businesses are going to jeopardize the | workflows of their $250k/year assets over a very core piece of | software for $250/year? | | Any alternative has switching costs and risks. Companies will | just pay this. I see so many people saying "just do these 10 | steps and it's basically the same". It just ain't worth it for | $250 | aprdm wrote: | That math changes a lot in companies that don't sell tech as | their profits margin aren't as fat. It also changes when you | have 1000s of developers. | efsavage wrote: | Many engineers at large companies won't want to bother dealing | with the headaches around licensing software and spending | money, whether it's $2/mo or $21/mo or $200/mo. | | If it's a core part of my job and the best option available, | it'd be worth it, but if there's _any_ reasonable alternative, | I 'll go download that today instead of wading through all of | the lawyers and approvals and compliance to use something | slightly better. | dheera wrote: | If you're getting started, sure. | | If you already have a live deployment then the company's | bigger fear is the a risk of switching to a completely new | infrastructure and they'll all of a sudden push the paperwork | quickly to stay on their existing codebase. | isoprophlex wrote: | That's not how it works in my experience. If it costs more than | 0 but less than 10k, the pencil pushers at procurement wont | even answer your emails... | katzgrau wrote: | That would be the wise thing to do, but I'm sure there are some | ways companies will eff it up anyway. Survival of the fittest I | guess. | | Management may want some badge of honor for saving a budget | line item. Or developers may want to embark on a new and | interesting project and successfully convince management it's a | good idea, who will agree for a wide range of reasons (not | pissing off developers might be one of them). | | Both will ignore the risk and considerable downsides. Happens | all the time. | fmakunbound wrote: | It's not at all about the price. Obviously a corporation can | afford that. It's the sheer dread of even starting the | procurement process in your average corporation that your | average developer must overcome, that is the barrier. | | I'd rather investigate an alternative like running it on a VM | than deal with that. Actually I'd rather shave my face with | some mace in the dark than deal with that. | Aqueous wrote: | $21 / user / month - so if you have 100 engineers that's $2100 | a month or $25k a year. | | Still should be doable for most businesses that size but | licensing costs can blow up when you start to have a lot of | seats. An annoying thing about the company I work for is that | they have a limited number of licenses for things like IDEs, so | they ration them. And so I'll boot up an IDE for a language I | work in less - like say, PyCharm - and it will stop working | because my license got taken away and given to someone else. | I'll have to request another one be given back to get working | again, which is pretty annoying when I'm trying to get | something done. I work mostly with Docker / Kubernetes so if | I'm in a situation where my core tools are being constantly | taken away, I'll be pretty miffed. | | I agree that Docker has every right to charge big companies for | this software. Just wanted to point out that the costs can be | more than you'd expect. | raffraffraff wrote: | True. Absolutely. But I guarantee you that this headline means | that even junior "devops" engineers will have workable | alternatives by _tomorrow_ , and can tell you how to implement | them with little friction. | swiftcoder wrote: | That sort of depends on the size of business under discussion. | If you are a Fortune 500 with 2,000 engineers who all need | licenses... half a million in licensing costs is not always the | easiest sell. | | Of course, that fortune 500 is going to pick up the phone and | demand to pay 1/4 of that (and they'll probably get it). | Enterprise sales is _fun_ | otterley wrote: | *Actual fun may vary. | Cacti wrote: | lol obviously you've never worked in a giant bureaucratic | corporation. | dang wrote: | Please don't post personal swipes or unsubstantive comments. | | If you know more than other people, that's great, but then | please share some of what you know so the rest of us can | learn. If you can't do that or don't want to, that's fine, | but then please don't post. | | https://hn.algolia.com/?dateRange=all&page=0&prefix=true&sor. | .. | qeternity wrote: | Lol obviously you've never risen to a level of management in | a giant corporation. | | It's ok. Just keep telling yourself you're smarter than | everyone else. | andix wrote: | From my experience: Yes, they may jeopardize it. | | If docker and containerization is not yet widely used in the | company, a lot of decisionmakers will not buy it, because they | did fine without it for decades ;) | tyingq wrote: | >Do you really think that businesses are going to jeopardize | the workflows of their $250k/year assets over a very core piece | of software for $250/year? | | Tech companies? No, they will probably cough up until they have | another solution. | | IT departments in non-tech companies? Yes. I fully expect a | circus there. Many won't have known it was being used, | purchasing will have their ego bruised by a company "hijacking" | them and won't want to pay, and so on. | otabdeveloper4 wrote: | The places where I worked there's an inverse relationship - the | smaller the cost, the harder it is to justify with finances. | ($4000 monthly AWS bill for "testing purposes"? No questions | asked. $10 wireless mouse? Mission impossible!) | WhatsName wrote: | In case you aren't aware, it's easy to explain by that fact | that most finance departments are afraid to question your | spendings on grounds of looking incompetent. | | So it's less about 10$ and more about: "I understand what a | wireless mouse is and it doesn't look mission critical to | me." | | "No idea what those items on that AWS bill mean, but I'll | probably be better off not asking" | Tarsul wrote: | he, well said. It's basically the bike shed effect: | https://en.wikipedia.org/wiki/Law_of_triviality | xenadu02 wrote: | If you must exist in this kind of organization use this to | your advantage. Get involved in important projects, setup | purchase proposals, then make sure you add in new laptops, | cables, mice, extra monitors, and whatever other | accessories you need. Do you have a remote KVM attached to | all 100 servers? Yes. Will finance care if you add 100 | monitors, keyboards, mice, etc? Nope. Will your vendor | happily add those on to the price? Yup. How do you get | involved in projects? Find a Director or VP who wants to | get something done and say "yes" or "we'll find a way" to | whatever it is they want to do. Then do your research and | give them a proposal: "We can accomplish X in 24 months | with Y headcount and Z equipment budget". If you can | cultivate a reputation as someone who "gets things done" | eventually you will find the normal rules no longer apply | to you. Finance will stop asking questions about your | projects. | | You have three rational choices: 1. Play the game, 2. Keep | your head down, 3. Quit and move to a company that doesn't | play those games. | | Sitting around complaining that a big company has crappy | inefficient processes is like complaining that water is | wet. A complete waste of time and makes you look | incompetent to other people in the company who _are_ | playing the game. These inefficient processes end up | optimizing for people who know how to talk the code and | cultivate the right relationships. Take advantage of that. | noizejoy wrote: | Your post rekindles memories of the great Y2K era, where | this kind of trick to get many things funded was used | liberally by many in the enterprise world. Good times for | IT budgets! | jacurtis wrote: | Yep, large companies work like congress. | | First you need something core to start a bill around. | Let's make a law that makes it easier to buy guns. | | But no one is going to vote for that, so let's give it a | name you CAN'T say no to. It will henceforth be known as | "The Child and Family Home Protection Act". | | Great we have a cool name and we have a law significant | enough to send to the floor of congress. Now let's get | enough people to promise to vote for it so we don't waste | our time. Oh, Congressman X says that he would vote for | it as long as we add another law about funding polar bear | research. Sure, whatever just add it in, we need the | votes. Congresswoman Y says she will vote for it if we | add a law about requiring masks at church. We need the | votes, tack it on. Congressman Z has been trying to get | more tanks sent to Afghanistan for nearly a decade, if we | add that in I bet he will vote for out law too. | | Then these things get bundled up and sent to the floor | where people vote on laws with fun marketing names added | to them. | | The same thing happens in business. You start off with a | core project like a new ERP system. Give it a complex | sounding name that no one in accounts payable will say no | to. Then we add in a bunch of computers into the budget | that we have been trying to get for 2 years. Add a new | printer. Throw in some docker desktop licenses for our | developers, and then bundle it up and send it to Accounts | Payable. Bam, now you have docker desktop licenses and | new computers. You're welcome. | noir_lord wrote: | "2.4Ghz Laser Based Human Interface Device, $10" seems | cheap approved. | noizejoy wrote: | Another fun approach is to request some number of things | with the intent of getting them denied, so the decision | makers feel like they've done their job and are more | likely to approve other things. The trick is to figure | out the psychology of those decision makers to steer the | denials and approvals properly. | | Off-topic: Similar approach can work with auditors. | Deliberately give them some stuff to write up, so they | don't hassle you on random topics, since they have to | find something to report to justify their existence, too. | | However: There are some great and smart practitioners of | these kinds of gate keeping functions, who are smart and | wonderful to work with. Just like in any walk of life | though, the really good one's are rare. | aenis wrote: | Too cheap. Been in a few places where getting 700k for | something with a boring but plausible name was a no | questions asked thing, but trying to get a $15 miro board | license was literally impissible. I paid for a lot of | tools out of my own pocket to avoid the hassle. I bet I | am not alone with this approach. | pharindoko wrote: | ;D damn right.... Wanted to buy a css framework extension for | 50$ - Mission impossible .. | qeternity wrote: | Exactly. Cost is a proxy for importance (usually). I can't be | bothered to approve your $10 mouse, but I can be bothered to | approve your $10k AWS budget. | regularfry wrote: | I honestly don't think I could get Docker Desktop through our | procurement process before the end of the grace period. It's | not a matter of "this is peanuts" as much as "we're guaranteed | to breach the license terms if we keep using this thing, so | everyone has to get off it _now_. " And then once it's gone, | we'll limp along with whatever plugs the gap until something | else emerges a as a winner, which probably won't be Docker | Desktop. | truffdog wrote: | This reminds me of the genius of AWS. The engineering team | can just buy whatever they want, no questions asked. | hughrr wrote: | Hey we get asked plenty of questions when the bill comes in | :) | namdnay wrote: | That's assuming some kind soul in engineering management has | the patience and leverage to guide this through 10 layers of | purchasing, procurement, finance, legal etc... | | Another likely outcome is that it's "easier" for teams to | switch to another tool (easier in that at least they're not | waiting on a third party for approval) and everyone loses a lot | of time | | Big corporations are not the most efficient beasts for this | kind of situation | marcosdumay wrote: | This. | | Buying anything on my organization costs something around | $10k. Add your price to this to discover the total we are | spending. | | That's on financial cost. The opportunity cost of stopping | technical people to handle the technical details of an | acquisition is just huge, and larger the most differentiation | there is on the market. | mc32 wrote: | Sometimes you can put these things on CC rather than P.O. | ithkuil wrote: | You can drill through layers of that crap if you can sell | something through aws marketplace or equivalent thing that | your company is already set up to spend millions a month. | | Not sure how would that work for a desktop tool. It's in them | to figure that out though | CyanLite2 wrote: | Perhaps you're not understanding corporate bureaucracy. | Nobody wants to be the manager who gets fired for trying to | save $25k by switching from Docker Desktop to {insert random | open source project here}. Not only is it not worth the time | or the risk, but the engineering manager's exact purpose is | to traverse the corporate bureaucracy. It gives them job | security. Plus the engineering manager can negotiate big | discounts with the vendor and can brag about that on their | own performance reviews. | whimsicalism wrote: | It's not the manager, it's some department somewhere else | that'll take weeks to respond and then you'll have to chat | with them about it and they'll be like "i don't see why | this is necessary" | oneplane wrote: | That is not the point he was making. It's about wanting to | get the licenses procured but the process being | unreasonably laborious so people just don't bother. The | problem isn't cost, it's the mess of corporate wastelands. | staticassertion wrote: | I really doubt that procurement is going to be harder than | switching a technology out. | posterboy wrote: | > Big corporations are not the most efficient beasts for this | kind of situation | | What situation, being trapped? I'm not sure what size has to | do with it. Are small corporations maybe more ... agile? | PragmaticPulp wrote: | I've been fortunate enough to work at companies where | engineers were trusted to make small purchasing decisions. It | works well for a while, but eventually everyone accumulates a | lot of random recurring charges and the company cracks down. | | $21 is nothing for a one-time spend. | | $21 per month per employee is now $252/year per employee, but | now you also need someone managing all of these licenses and | accounting. Every new employee or team change requires some | juggling of licenses with associated turn-around times before | that person can get started. | | It's not bad when it's just a couple key pieces of software, | but it doesn't take long before every engineer has some mix | of 20 different subscription tools and platforms and licenses | and you're on the phone with a different vendor every week | doing the annual subscription renewal pricing negotiation | dance. The sales people know how this works and would prefer | to wear you down with endless conference calls until you get | tired of negotiating and just pay the new, higher price | they're asking. | | Soon, all of those "cheap" tools have added up to $1000/month | or more per employee with a couple people dedicated to | managing these licenses and negotiating with vendors all of | the time. And it's terrible. | | When the tool isn't easily replaceable, you deal with it. I'm | not sure I see that with Docker Desktop, though. When you get | a new hire, do you tell them to submit a ticket with | licensing and wait until they can get their Docker Desktop | license? Or do you simply write some documentation about how | to accomplish tasks without using Docker Desktop so you can | remove another external dependency? Teams generally gravitate | toward the latter. | cies wrote: | > requires some juggling of licenses with associated turn- | around times | | This! I've always said that a bit reason for FLOSS to win | over the internet server-side is because scaling fast and | juggling livenses is just too hard. Especially with the | prying eyes of Oracle/MSFT/etc's powerful legal teams and | hidden "phone home" code. | | Going with a LAMP stack was just to simplest way to keep | moving at speed. | acdha wrote: | One other big factor: certain other vendors have very | aggressive sales tactics which essentially boil down to | "buy a bunch of stuff you don't need or we'll audit every | computer in your company and charge a penalty for anything | we can find to quibble with". | | Docker doesn't need to actually do that to run afoul of | policies based on the scar tissue from those other vendors. | Simply going from "you can use it without being sued" to | "we have to pay people to make sure we'll win" will | increase the perceived cost at many large shops. | kristjansson wrote: | Yup, this is the concern. Having been kindly asked by | Oracle to remove virtualbox extensions, this sort of | gotcha/conditional pricing feels dangerous | acdha wrote: | The big thing for me is the question of the future: they | say they currently won't be predatory about it[1] and I | have no reason to doubt that the people saying that are | being completely honest, but we don't know who will be | working there in the future or where the next | acquisition/merger will take them. | | Without a contract, it's hard to disagree with the policy | types who are going to ask what protects the organization | if that happens. Once you go down this path even a | little, the barriers to entry at large organizations go | up since you have to look at it from the perspective of | both the upfront cost and possible future cost / off- | ramps. | | 1. https://twitter.com/scottcjohnston/status/143272649295 | 845376... | jeremyjh wrote: | Fixing this has to be a great business opportunity. Surely | someone is already working on it? | wintermutestwin wrote: | OpEx is much easier to get vs CapX. That's why so many things | are subscription now. (also Sarbaines Oxley pushed vendors | into subscription models) | jdwithit wrote: | This poster has clearly worked at the same kind of companies | I have. Plenty of them would _gladly_ burn 10x what it would | cost to just buy the damn license on engineering man-hours | switching something that 's inferior but free. Because it | doesn't show up as an expense on the annual budget. | | The concept of opportunity cost is completely lost on a lot | of business leaders. | alkonaut wrote: | If someone suggests a tool that costs $1k/yr over a free | tool that costs $5k/year in extra work, I'm going to die on | the free tool hill. Because the $1k/yr tool will disappear | when the company goes defunct, or it won't interoperate | with something else and there is no way of fixing it. Or it | can't migrate to the next tool. Or we need to upgrade to an | enterprise license because we become 21 developers instead | of 20. Or they just bump the cost to $20k for whatever | reason. Or the tool won't work on CI servers because it | only works after entering a key in an attended install (yes | this is still a thing). | | Free tools have a predictable and stable cost. | | I have probably been burned more times from free tools over | the years, but the scars aren't as deep. It's just a shrug | and hoping the other project works when the first doesn't. | Closi wrote: | > Free tools have a predictable and stable cost. | | Unless they suddenly turn from free into a $21/month per | person fee. | 10000truths wrote: | I think he means free as in open source, rather than free | as in freeware. In which the worst case scenario is that | you are stuck with the last open-source version, but at | least you retain full control over your fork of the code | and can add features and bug fixes as you see fit. | alkonaut wrote: | Indeed. Proprietary/Closed-source but costing $0 is the | worst of both worlds. | bluGill wrote: | Then I'll find the fork and use that. We have already | done that a few times. There is a reason we audit all the | licenses of open source software we have. | Johnny555 wrote: | A big advantage of using free open source software is that | the licensing prices will never increase because the | company needs a new revenue stream to support its business | model. | | Docker Desktop was free, now it's $21/month, what will it | cost next year when Docker needs more money? | sokoloff wrote: | That depends on how many frogs contentedly stay in the | pot. | rchaud wrote: | Licensing prices might not increase, but paid technical | support costs could theoretically be unlimited. | Especially if you're at the mercy of an open-source | software that isn't well-maintained. | sokoloff wrote: | A lot of the driver here is not in the moment short- | sightedness, but rather a byproduct of the procurement or | other finance processes (ironically often instituted with | intent to prevent waste and fraud or make the company more | efficient). | | It's not just the $250/yr/dev, but rather the requirements | to create a new vendor in the ERP morass, to get approvals | for an exception to the standards for payment terms (and/or | methods), any requirements for vetting vendors, etc. | | If you're selling to an enterprise, don't charge just above | whatever the "employees can put it on their card without | approval". If you're going to exceed that, you might as | well exceed it by a lot. (If you're going to make every | developer file an expense report every month, I can readily | prefer to do a lot of command line typing rather than | filing an expense report... If I automate that for a lot of | my fellow devs, I get to do something fun and be a minor | folk hero.) | | https://www.joelonsoftware.com/2004/12/15/camels-and- | rubber-... | zapita wrote: | A lot of those enterprises already have Docker on the | vendor list though, because of Docker Hub. | treeman79 wrote: | I've seen companies burn half a million in developer time | to save 10k or less several times. | | Oh some JavaScript graphing library is expensive. Let's | roll our own! | | Heroku meets our needs 100% let's spend millions to switch | to K8 and have a much worse experience. | sokoloff wrote: | The 4 hours I spent learning the basics of d3 and then | couple hours a night for a few weeks working through | examples (of others and of my own design) really gave me | a powerful new tool for charting applications. Rolling | your own is difficult to justify, but "learn and use d3 | (BSD licensed)" seems an entirely reasonable alternative | to a high-priced commercial offering. | grp000 wrote: | How much of that is developers doing it because they want | to make something new? | OJFord wrote: | It's very impactful though, it'll probably be people seeing | it as highly visible and career-advancing who manage to | muster the 'patience and leverage'. | | If the org's been thoughtful to in advance, it's at the level | of being almost an operational risk - all of engineering uses | this tool, tool's licence or pricing might change, retooling | has an associated cost and down-time. | roguecoder wrote: | That price is per person, not total. The highest total I've | heard so far is going to cost that company $108k a month, for a | development tool. | | VCs are shooting themselves in the foot here: it is very | obvious that we should never adopt any technical tool backed by | VC, because they will eventually try to make us an offer we | can't refuse and then go out of business shortly thereafter | when their extortion attempt doesn't work. | stevebmark wrote: | What companies are offering $250k/year for engineers? | adolph wrote: | TCO ain't paycheck offer | | Salary + Taxes (Payroll, etc) + Fringe (Healthcare, etc) + | Dev licenses + Training/conferences = paycheck * (n > 1.5) | cebert wrote: | It seems like 200k+ is pretty typical for Engineers with at | least some experience even in less hot markets like the | Midwest. I know several developers in the Metro Detroit area | making more than 200k base. | yellowbkpk wrote: | At least Facebook, Apple, Amazon, Netflix, Google, Microsoft. | ArchOversight wrote: | When you add up salary + benefits + workplace amenities + | taxes + software licenses and whatnot, you get there mighty | quick. | stevebmark wrote: | I don't know what you mean by taxes, my question is about | 250k base, excluding bonuses, stock, and excluding the | supposed monetary value of benefits/training/travel/home | office whatnot | InvaderFizz wrote: | The statement was that the engineer is a $250k asset to | the company. | | Rule of thumb TCO for headcount is 1.5-2x salary to | account for taxes, Medicare, health insurance, equipment | cost, licenses, office square footage, stock options, | travel, etc. | | So a $250k asset from a business perspective is typically | someone that makes $125k-$165k. | golover721 wrote: | In the US, companies are responsible for paying 50% of | the medicare and social security taxes for each of their | employees. | jpambrun wrote: | I think you don't understand how big company procurement work. | Getting legal's and procurement's attention to look at this is | more effort than its worth. The logistics of managing licenses, | single sign-on, etc is a nightmare. Besides, running docker is | already frowned upon by InfoSec and require special permission. | It will never happen where I work. Not because of money, but | because it's too much trouble. | captainmuon wrote: | I guess it depends on the enterprise. I can imagine the | thoughts of certain managers: Recurring costs? Something that | used to be free and now they want money? Pricing per user? More | expensive than Office 365? | gfiorav wrote: | Exactly. This makes sense. | | USD 21 per user/month + bulk discount is nothing. | | If companies want to roll their own they can, but most won't. | Docker Desktop adds a lot of value if only by removing the | hassle for quick os-agnostic development. | eptcyka wrote: | What is the value add for Docker Desktop? | | In a world where podman exists, what's the point of docker on | dev machines anyway? | gfiorav wrote: | The fact that you _could_ do something alternative doesn't | mean it's easy, supported, or streamlined for developers or | company tech ops. | | I don't think that thinking like an engineer will help you | understand the value add here. | trey-jones wrote: | Well, I hadn't heard of podman until now, and I imagine I'm | not the only one. Does it consistently have functional | parity with docker? | zerkten wrote: | It doesn't matter if it has parity of functionality when | Docker has grown to the point where it has name | recognition with enterprises and a sales team that can | engage with these large customers. | | It needs to have parity in all other pseudo-layers (3rd | party tool support, support plans, OS support, someone to | sign a contract with, compliance tools, etc.) We know | most of these go unused or have no real meaning to devs, | but they unlock enterprise procurement. | | I believe podman has a linkage to RedHat which may | actually bring all of the things that procurement want to | hear, but the question is whether the door is open to | RedHat, or not. Procurement departments can be fickle, | preferring Oracle for everything or the other way round | trying to eradicate Oracle while permitting a combination | of others. It's all politics based on previous | experiences and opinions in the end. | eric__cartman wrote: | I use it on my Fedora dev machine and it's pretty good. | Still wouldn't replace a mission critical machine with | it, as it isn't the primary target for docker containers | to run on and it can break more easily. | eptcyka wrote: | trey-jones, I apologize, but I cannot reply to you | directly. | | The biggest showstopper for podman is that it runs | entirely in userspace on Linux. Having said that, I use | it as a drop-in replacement for Docker and it's only | become better in the past year. This is somewhat | irrelevant to the Docker Desktop product, as podman | doesn't provide a nice packaged up solution, but you can | use podman on Windows and Mac as long as you have a Linux | host available, either as a guest VM or as a machine | _elsewhere_ on the network, see [1]. I only use Linux if | I can, and the ability to run images without having to | run a daemon with root privileges is a very big bonus for | me, but it might not be for you. Now I do wonder, how | hard would it be to declare a minimal nixOS VM for | running as one's podman host :) | | [1]: https://podman.io/getting-started/installation.html | Sebb767 wrote: | > The biggest showstopper for podman is that it runs | entirely in userspace on Linux. | | As I see it, that's the whole selling point. Need to have | something with limited rights or build a container | without root? Podman is the way to go. | eptcyka wrote: | I agree, what's missing is a nice VM appliance for macOS | and Windows. | theptip wrote: | Docker for Mac includes a Kubernetes cluster that's way | better than minikube etc. | | Not sure the bare docker daemon VM wrapper has a defensible | moat though. Maybe this does more in Windows? | andyroid wrote: | How about the fact that not all, or even most, dev machines | run Linux, which is the only platform podman supports? | oplav wrote: | I don't use podman, but a quick search shows that you can | install podman on Linux, Windows, and MacOS. Are you | referring to something else? | | https://podman.io/getting-started/installation | kristjansson wrote: | > Podman is a tool for running Linux containers. You can | do this from a MacOS desktop as long as you have access | to a linux box either running inside of a VM on the host, | or available via the network. You need to install the | remote client and then setup ssh connection information. | | Literally the first non-title element in your link. Just | because the client is cross-platform doesn't mean the | entire solution is turn-key cross-platform. | dralley wrote: | If you read the instructions, they basically say that you | still need a Linux VM or WSL environment to run Podman | in. Which makes it not a complete replacement for Docker | desktop, which handles the VM for you. So OP isn't wrong. | [deleted] | jandrese wrote: | It's not the amount of money that is the issue, the issue is | that it this wasn't budgeted into the project when it was | proposed 2 years ago. It is software that falls under category | S which means you can't use overhead funds it has to be a | category S purchase, but you have no category S funds budgeted | to the project because you were using free software. | | Being so cheap actually complicates the matters even more, | since the finance people don't really want to mess with | purchases less than $5,000, even though it is their own rule | that requires all software to go through them regardless of | cost. It just means they won't be willing to help very much. | mike_hock wrote: | Which is why this shady tactic works time and again. | ryandvm wrote: | I think you're correct about existing users at large | corporations. Converting all those into paid accounts is a no- | brainer. | | However, this will have a massive change on the competitive | landscape. For companies that haven't yet adopted Docker, this | is a huge red checkmark. This change is going to spur | development on open source alternatives like nothing else | could. | qeternity wrote: | Nah. We're not 250 people. We use docker, and we won't | stop/switch because of it. | | This is such a good problem to have. I would love to cut | Docker Inc. a check. | | And we've basically moved over to garden (a k8s dev env) | anyway. But we still use docker plenty. | BCM43 wrote: | Since they've buried it a little: | | "Specifically, small businesses (fewer than 250 employees AND | less than $10 million in revenue) may continue to use Docker | Desktop with Docker Personal for free. The use of Docker Desktop | in large businesses, however, requires a Pro, Team, or Business | paid subscription, starting at $5 per user per month." | dang wrote: | This comment was originally posted to | https://news.ycombinator.com/item?id=28368997, so it's quoting | the press release, not the current article. We've since merged | the threads. | judge2020 wrote: | Anyone know how they plan to enforce this? Audits into the IP | space connecting to hub.docker.com? Maybe arbitrary device OS | detection a la (nmap -O $local_subnet | grep | -ci 'Macbook') > 250 | qeternity wrote: | They won't need to. The number of 250+ engineer businesses | that would risk running unlicensed software is small. | merb wrote: | well it is AND: "AND less than $10 million in revenue" | | basically most companies with ~50 people probably has 10 | million in revenue (annually). considering wages and | buildings and stuff you need for 50 people... | academia_hack wrote: | I don't think it's 250 seats, but 250 employees. Lots of | fairly low tech businesses (such as restaurant or retail | chain or universities) may have less than a dozen docker | users but still cross that total threshold. | qeternity wrote: | Well, that makes it even cheaper. | hbn wrote: | Maybe this is common knowledge, but I saw an ad recently | for a company that offers money to snitch on your employer | for using unlicensed software, or not paying for free-for- | personal-use" software | YetAnotherNick wrote: | I don't get it. There still seems to be a free version, which | includes bundled docker engine, right? I think this is the only | part of docker desktop that most devs need. Private repos were | always a paid feature AFAIK. | | The concerning text written is "Limited image pulls per day". | What's the limit here? | [deleted] | throwawayy293 wrote: | I personally support Docker Desktop for Mac for an organization | of 250-300 engineers. | | I have been supporting it for 2 years now. Been through all the | Docker Desktop upgrades, performance issues everytthing. I have | researched docker performance on macs running k3d + k3s + istio | and a bunch of microservices. I have had to jump into the | internals of Docker daemon and docker cli and networking to solve | how docker networks are provisioned for various proxying issues. | | 1. Docker dragged their feet with native performance for file | syncing. We have to selectively enable it and just so that it | doesn't bog the machine down. | | 2. When running it gets the CPU running at 75-80C, causing the | fan to run non-stop at 3000 rpm at least. It is definitely impact | by bad macbook pro design, which is terrible at airflow and heat | sink activities | | 3. We were on unstable for a bit to test the new file syncing | approach. Docker dropped that in stable and said "deal with it" | | 4. The paid forced upgrade notification means that I can't peg | the Docker Desktop version for the whole org at a certain | version. | | 5. Right after we switch from the unstable to stable, the next | minor version is a breaking change. | | 6. Number 4 would be fine it docker would keep to their guarantee | of stable being stable. They do a terrible job of being backwards | compatible. The current stable we had was 3.3.1. With the | constant minor upgrades, and pushing people, some people went to | 3.6.0. (the latest as of yesterday, Aug 30) This broke everything | inexplicable with just a VM error where k3d would keep crashing. | I downgraded everyone back to 3.3.1 to get teams unblocked while | waiting for me to find a fix. | | 7. Finding a fix usually involves waiting for Docker to | prioritize something but at this point I don't trust that Docker | know what it is doing. | | I am currently pushing for Linux laptops, hosted dev environments | and reducing the need to run distributed monoliths. We shall see. | alanwreath wrote: | " the Docker Desktop updated terms only apply to Mac and Windows | " | tacobelllover99 wrote: | Mirantis needs to pay the bills | dpratt wrote: | This appears to be cutting of their nose to spite their face. We | have a team of 50+ engineers that all use Docker for Mac for | daily development tasks, but I suspect that will no longer be | true in a rather short amount of time. Frankly, I don't really | know if anybody actually uses the UI components for it outside of | starting and stopping the engine and for basic configuration of | the VM. Everything else that comes with it is just useless cruft | for our use cases. | | As soon as there is a viable alternative (and I'd be happy to | contribute to the effort), I'll be moving away from Docker for | Mac. | solarkraft wrote: | > As soon as there is a viable alternative (and I'd be happy to | contribute to the effort), I'll be moving away from Docker for | Mac. | | I just SSH into my server. The biggest pain about macOS is that | it can't easily mount SFTP. | wiredfool wrote: | I've been doing development in docker, but unrelated to that | I did an upgrade to big sur and borked the machine for a few | days. | | Pulling the same projects to my (admittedly quite fast) linux | box in the cloud is night and day for speed in docker with | volume mounts. Browserfy runs 5x faster, at least. Yarn | install is 10x faster. | | And it's reliable. Docker's filesharing on the mac has about | a 25% failure rate that any given save will be properly | picked up by watch, with a complete, uncorrupted, updated | file. | vhodges wrote: | Fuse/sshfs exists for OSX. Seems to work okay the little I | played with it. | watermelon0 wrote: | I used fuse/sshfs quite a lot in the past, and never had | much issues (I think most of my issues were with how my | editor displayed and refreshed the file list, not with the | actual sshfs implementation, and were similar to those on | Linux/Windows.) | smoldesu wrote: | Ouch, really? Cyberduck was always one of my first installs | simply due to how much I spited Finder, but I didn't know | things were... that bad. | mockingbirdy wrote: | You can mount SFTP with Mountain Duck [1], from the creators | of Cyberduck. Costs around $40. | | [1]: https://mountainduck.io | rcarmo wrote: | For the Mac, just get Canonical's Multipass | (http://multipass.run) and do an apt-get to install Docker into | a VM and use VS Code to "remote" to it. It will automatically | install the Docker extension inside the Linux VM and you're | set. | | For Windows, use WSL2 and do the same. | | Both can mount "local" folders, although the setup is obviously | different. | | You now have a better way to manage containers than ever | before. | SkyMarshal wrote: | Why run Docker inside a VM on a Mac, when you can just run | the Linux dev environment directly inside the VM? That's just | starting to sound like Docker for the sake of Docker. | | Multipass, Qemu, and Parallels can all provide a solid VM on | Mac host. All you need after that is your dev environment VM | guest image to deploy to the team. | | https://wiki.qemu.org/Hosts/Mac | | https://www.parallels.com/ | osdril wrote: | On Apple Silicon Multipass actually uses QEMU under the | hood. Basically it's just a (very convenient) wrapper | rcarmo wrote: | Because you can map your working folder inside it on both | Multipass and WSL2, and you can get an integrated editor | experience with VS Code, which is what many people | apparently want to do (I'm a tmux guy so I don't care, but | I thought I'd provide a user-friendly approach). | dsjoerg wrote: | Some people here actually want and need Docker features. | For me it's the ability to run from a given image and know | that I've got _exactly_ the same image that other | developers have. Reproducibility. | techthumb wrote: | When I want a very specific version if the image, I use | the SHA to pull/run $ docker pull hello-w | orld@sha256:7d91b69e04a9029b99f3585aaaccae2baa80bcf318f4a | 5d2165a9898cd2dc0a1 | _joel wrote: | Or you could tag a little more optimally. | rileymichael wrote: | Tags are mutable, digests aren't. | horsawlarway wrote: | I might be wrong, but I think his point is that by the | time you're running a linux VM for docker, why not go | ahead and get the rest of the tooling for free? | | Docker can still be run in the VM just fine, for cases | where you want a reproducible build environment. | | I do this at any company that lets me (and by lets, I | mean doesn't explicitly forbid) - They all give me a Mac, | and the first (and sometimes only) thing I install is | usually vmware fusion, followed by the linux distro of my | choice (Arch). | sneak wrote: | Because the end result of a lot of workflows (eg k8s) is a | buildable dockerfile, or built docker image for deployment. | nklmilojevic wrote: | Doesn't work on M1 chips yet. | osdril wrote: | It's in "beta" right now but it works quite well (you can | find the binary in the dedicated GitHub issue). Under the | hood it just uses QEMU which in turn uses Apple's | Hypervisor.framework for virtualization | alanwreath wrote: | Can't say that limiting developers to VSCode is necessarily a | step forward. | rcarmo wrote: | Well, it does set up everything automagically for you. I | can also dig around for my Docker CLI config and the right | way to expose the Docker TCP socket to the host, but if you | need a quick way to get working, VS Code is it. | mbreese wrote: | You don't need VSCode specifically, but it does provide an | alternative GUI for managing Docker containers that isn't | tied directly to Docker Desktop. | | You could use anything to manage the Docker VM... VSCode is | just one option. | secondcoming wrote: | Why don't you just use the VM directly? | rcarmo wrote: | Folder mapping, which both options provide. | judge2020 wrote: | Do you mean APT via | https://docs.docker.com/engine/install/ubuntu/, correct? | rcarmo wrote: | No, you can apt-get docker.io (the repackaged version | available for the last 2-3 LTS releases, built from source | and with fan networking support). Works for 99.9% of your | use cases. | [deleted] | boublepop wrote: | Personally I think just running portainer as a container is a | viable alternative to docket desktop. But I never really used | the UI much, so perhaps there are features I don't know of. | judge2020 wrote: | Unless there's podman or similar for local dev, you'd still | need Docker Desktop to use it on Windows/MacOS. | [deleted] | mgkimsal wrote: | > (and I'd be happy to contribute to the effort) | | Isn't paying their fee also contributing to the effort of what | they've put in to it so far, and ideally what they'll do to | keep it working and improve over time? | make3 wrote: | 21$/month/user is nothing for the business setting. | zapita wrote: | You're going to spend scarce engineering resources | reimplementing a Docker for Mac alternative, then roll out your | immature alternative to 50+ engineers, instead of paying a few | hundred dollars a month for a good product and moving on? | | It seems to me you would be the one cutting off your nose to | spite your face in this scenario. | coding123 wrote: | The reason this move isn't popular is because it seemed like | local docker development (for any size corporation) was | always going to be free. If I personally had known this was | in the cards I would have invested (time, money and effort) | into alternatives earlier on. Instead they killed all the | competition and are now demanding money. So yeah, this is the | first move by Docker that has made me kind of mad at the | company. | | How does this affect consultants that want to introduce | docker to large corporations but small teams? A lot of | scenarios become crappy now. | dralley wrote: | > Instead they killed all the competition and are now | demanding money. So yeah, this is the first move by Docker | that has made me kind of mad at the company. | | Which alternatives did they kill? The Podman tool ecosystem | is doing fine and is closing in on being a complete | replacement, and Docker Swarm hasn't exactly killed | k{number}s. | chrisandchris wrote: | Assuming that you currently don't need any other than the | functionality the free plan provides, and assuming all 50 | engineers need a license, your ,,a few hundred dollars" is | actually $1'250/month just for getting the same as before. | | I understand (in some way) the decision Docker made but I am | not sure it is the way-to-go. However, it is a very hard | question and if I had to pay a monthly fee for each component | I'm using to develop a solution, one or the other project | would not even start because it's not worth it anymore. | yarcob wrote: | That 50 people team probably costs at least 250000/month. | Are you going to take away a tool that everyone on the team | needs to save 1250? | | Or put another way, how much time would you need to | replicate what Docker offers for a team of 50 people? If it | takes more than 25% of the time of a single employee, then | Docker is cheaper (assuming your employee costs $5000 a | month, which I guess is a lower bound for an engineer). | gigatexal wrote: | I tried getting podman working pointing at a Linux server and | ram into issues as an alternative to Docker. I'm hoping the | kinks get worked out and I can move over. | lanevorockz wrote: | RIP | babaganoosh89 wrote: | So using the CLI is still free on Mac, just not the gui desktop | app? | athorax wrote: | I believe "docker desktop" on mac includes all the various | plumbing to get the docker cli working transparently (vs. | running docker yourself in a VM) | [deleted] | cybrexalpha wrote: | This seems like a bit of a footgun from Docker Inc. Those on | Linux will just run Docker Engine (the open source part) | directly, or move to alternatives like Podman. Docker Desktop | only really has value on macOS and Windows, and there it's only | because nobody wants to manage the glue to setup a Linux VM. | Given the cost, I suspect many will chose to do that glue work | themselves and I wouldn't be surprised to see an open source | project spring up to do that. | | Everything else is handled by other parts of the ecosystem | already, image registries both private and public, orchestration, | etc. | sascha_sl wrote: | macOS is the hard one to solve. It does a lot of magic things | in the background and Docker even created their own "distro" / | VM build system, linuxkit, that went on to be useful in a lot | of other places to make it work. | | A lot of macOS developers imo seem to have more knowledge in | their specific domain and less in how to wire up a VM to look | seamless, they'll need the docker CLI to work with the local | filesystem to keep a lot of existing Makefiles functional, I | see a bunch of companies caughing up money in the short term | just for that. | | Docker Desktop on Windows itself proves quite well that WSL2 | works fine for this use case. | qeternity wrote: | It's not the users who will be paying for it. Enterprises will | bend over and take this 100% | | Good move by Docker, financially speaking. They have little to | lose. | coding123 wrote: | It's a short sited move that will kill D.Desktop. It's not | that these large corps don't have the money for this, it's | how money is allocated in companies. Instead, now all hobby | projects in large corp get killed fast and early because the | hobbyist knows their project is doomed if the company isn't | going to go for a new bill. | | A whole bunch of scenarios die now. | cshokie wrote: | I agree that it seems self-destructive. I use Docker | Desktop at work for a one-off side project that I run | manually every once in a while. Using a container for it | helps keep things maintainable compared to a full VM that | needs full maintenance. If I have to get formal approval | and a purchase to continue using it then the most likely | outcome is this side project stops completely. And with it | my excuse to gain professional experience using Docker. | dhagz wrote: | Honestly, I don't see a reason to keep Docker for Mac installed | on my computer. I haven't run a container workload locally in I | don't know how long and I haven't built a container locally in | even longer. It's just taking up space on my laptop and bugging | me to update what seems like constantly. | duped wrote: | The hype/buzzword driven development surrounding micro | services/containerization has hit middle America and | enterprises spend dumb amounts of money on related projects. I | can see them spending more money on Docker Desktop with no | difficulty, because the incentive is not to save money. | remram wrote: | There is a Docker Desktop for Linux? What does it do? | | Why would I go out of my way to set up Docker differently on my | dev machine compared to my servers? That seems like a recipe | for failure. | simiones wrote: | Nope, there isn't (at this time, at least). | detaro wrote: | front page: https://news.ycombinator.com/item?id=28368997 | dang wrote: | Thanks! | | Although that thread was posted earlier, I think we'll merge it | into this one, on the principle that corporate press releases | tend to make worse HN submissions. This is something of an | exception to HN's original source rule. | | https://hn.algolia.com/?dateRange=all&page=0&prefix=true&sor... | zenlf wrote: | On the one hand, I'm sad that I probably have to uninstall docker | desktop because I only use it for small side projects, on the | other I understand Docker Inc's need to monetize as a for profit | company. | | I do have a genuine question though. Can a company just change | their pricing structure and make it effective immediately(I | understand they have a grace period here)? I guess for free tiers | they probably can, because the users have never paid them, but | what if I'm a paying customer? Could Docker simply say sorry we | have changed our pricing from next billing cycle(or tomorrow) you | have to pay 100% more. Could they legally do something like that? | sgt wrote: | "or higher than $10m in annual revenue" .. that isn't necessary a | large company. And it says nothing of profit. ___________________________________________________________________ (page generated 2021-08-31 23:00 UTC)