Gah, I just received this Ubuntu 18.04 VM with 8 cores and 8 gigs of ram, and since it'll be a production server both serving public and "private" networks (yes, shout at me, but projects won't be about hosting sensitive information, I wouldn't put all that on one server), and I'm struggling between my options.

Docker, or not docker?

The server's main use is to host our growing blog and install Varnish, which will hog some ram after a while. I use Laradock for my dev projets, it's really easy to develop with it, but I am unsure if it fits a production environment with performance, security and traffic load in mind :(

I read Docker has stability issues (in 2016-2017), and can bring the machine down with it, I don't know if I should just install the software (nginx, apache, percona/mysql/maria) without "containerizing" it and go for it

I'm lost xD

  • 1
    in my humble opinion, i will go completely with the install thing, there's more space for customization and you don't need varnish for it, Nginx is capable of just serve the files in cache as fast as varnish, just mount a tmpfs filesystem as the cache directory and add some opcache conf to php.ini and add some redis to cache some objects.
  • 2
    Question 1: Why docker / virtualization?

    What is your intention and why?

    Ressource Limiting? Can be done bare metal - with less overhead.

    Seperation of concerns? Given the specs of the machine - seems pointless imho.

    I think bare metal is the easiest solution. And I would utilize varnish only if it's necessary... Start small. Monitor. Modify as needed.

    Less complicated. Less bloat. Smaller chance of brain fuck.
  • 0
    @mowgli Thanks for the insight man :) I've read a few guides on doing this for PHP, if you're telling me it's worth it I'll give it a try! :D

    @IntrusionCM I'm thinking of docker because I use it for my developments. I find it easy to configure my containers to my needs and it's pretty straightforward. Plus all web related files are in VM's which are manageable and isolated from the OS. On Windows it's a good argument, less on a production server. True that less complications leads to less fuss and better results :D

    Thanks for the insight as well :) never done this before so it's quite new
  • 1

    Sorry if I was rude.

    I'm used to sysadmins who tend to overdesign things - unnecessary MySQL replication for a database, caching wherever it fits and so on.

    Most of the time I can stop things before bad things happen™, but some of the production servers still suffer from 'lets throw solutions at non exisiting problems' or 'lets solve the code problems by throwing hardware at it' ...

    And it makes really no fun when you sometimes need to think half an hour just to be sure that a simple DDL (Alter table) works instead of mayhem thanks to replication... Or altering assets - and having fun because the overzealous caching makes a boo boo which leads to client poo poo...

    again - sorry :(
  • 0
    @IntrusionCM no harm taken :o no rudeness detected neither haha I actually appreciated the "start small, build bigger over time" argument which makes things more down to earth

    No worries!
  • 1
    if you'd ask me i'd still go for non docker just because IMO its more easier to fix and implement security
  • 0
    @monmadmatt 3 to 1 against docker, I can see where the trend goes :)! Thanks man!
Add Comment