The one “good” thing about containers is that you keep your DLL-like mess localized. Just one or a few related apps run in the container and if they want / need some weird library version, they can have it without breaking other things.
Yeah but that’s a huge benefit already. I am not savvy enough in the development side to know whether that’s a reward that justifies any of the frustrations people have. Personally I don’t really mind varying methods to do any one job, as long as it’s well-documented, easily managed, and does not create a higher load on the system in any respect.
I view the delays during launch and the extra time spent during updates as a “load on the system.”
Also, it entirely depends on your deployment environment. I develop system images that go out on thousands of devices deployed in “Cybersecuity Sensitive” environments, meaning: we have to document what’s on the system and justify when anything in the SBOM (list of every software package installed on the machine) is identified as having any applicable CVEs… soooo… keeping old versions of software anywhere on the machine is a problem (significant additional documentation load) for those security audits. Don’t argue with logic, these are our customers and they have established their own procedures, so if we want their money, we will provide them with the documentation they demand, and that documentation is simplest when EVERYTHING on the system has ALL the latest patches.
The most secure systems are those that don’t do anything at all. You can’t hack a brick.
Hey, like I said, great info for me to learn because I don’t know. I was only saying that I don’t mind because my situation is fine with it. Thanks for the info, it’s interesting. I’m sure for any situation there’s a better and worse solution and I’m sure that for any solution, there’s a situation that either likes or dislikes the approach.
Yeah, I agree. Canonical seems to think “snaps are for everyone” so, for both my personal and professional applications they have decided: “Canonical is not for me.”
I don’t really care about all these different things, as long as none of them become a crazy confusing mess, like Windows DLLs.
The one “good” thing about containers is that you keep your DLL-like mess localized. Just one or a few related apps run in the container and if they want / need some weird library version, they can have it without breaking other things.
Yeah but that’s a huge benefit already. I am not savvy enough in the development side to know whether that’s a reward that justifies any of the frustrations people have. Personally I don’t really mind varying methods to do any one job, as long as it’s well-documented, easily managed, and does not create a higher load on the system in any respect.
I view the delays during launch and the extra time spent during updates as a “load on the system.”
Also, it entirely depends on your deployment environment. I develop system images that go out on thousands of devices deployed in “Cybersecuity Sensitive” environments, meaning: we have to document what’s on the system and justify when anything in the SBOM (list of every software package installed on the machine) is identified as having any applicable CVEs… soooo… keeping old versions of software anywhere on the machine is a problem (significant additional documentation load) for those security audits. Don’t argue with logic, these are our customers and they have established their own procedures, so if we want their money, we will provide them with the documentation they demand, and that documentation is simplest when EVERYTHING on the system has ALL the latest patches.
The most secure systems are those that don’t do anything at all. You can’t hack a brick.
Hey, like I said, great info for me to learn because I don’t know. I was only saying that I don’t mind because my situation is fine with it. Thanks for the info, it’s interesting. I’m sure for any situation there’s a better and worse solution and I’m sure that for any solution, there’s a situation that either likes or dislikes the approach.
Yeah, I agree. Canonical seems to think “snaps are for everyone” so, for both my personal and professional applications they have decided: “Canonical is not for me.”