I've only read the first chapter, which is the general presentation of Docker, and it's awful. First of all, it's very long, with many words and a very low ratio of signal to noise.
Many texts look like they were copied from a Docker commercial. For instance the mention of Docker Swarm won't mean anything to someone that doesn't already know Swarm. And there's no distinction of main components against optional components like Swarm.
The final comparison to other container systems is pure junk. It should at least mention when the containers are compatible (like Podman) or not (like LXC).
I'm sorry for the harsh words. I wondered if I should keep silent or prevent other people from wasting their time with this. The low quality had me annoyed enough to opt for the latter.
Seems like I need to improve more on my storytelling skills hahaha
The concept of "Definitive Guide" on my blog is not to write "How to" guides or general overview articles.
It's to use personal experience and storytelling to write articles that are personalized and interesting to read while tackling difficult concepts like Containerization and Docker.
I could understand for the length. But if it's interest and you're getting value, length won't really matter, will it?
I may have gone off point at some point but of course, I'm always learning and improving and your feedback has been helpful.
However, I don't think asking people to avoid the piece is a good idea. If you notice a few mistake based on your level of knowledge on Docker doesn't mean others do.
They need grassroot beginners content to get them started.
Agreed, at best this is a beginner's guide, and a bad one at that.
I only skimmed it, but it doesn't even mention:
- user IDs, dropping root privileges and why you want to do that
- barely scratches the surface with volumes,
- commands like `docker ps` and `docker logs` which are essential for monitoring and debugging
- the common pitfall of exposing ports - the fact that Docker Engine binds on 0.0.0.0 by default. I've seen so many newcomers get their servers pwned because they accidentally exposed a database to the internet (and said database has weak/no auth by default)
Worse yet, it encourages terrible practices like storing secrets in files that are going to be committed in git. I find this surprising, because the author clearly uses `env_file` in docker-compose.yml, but then at the same time they're also hard-coding some secrets in the YAML and copying local `.env` file into the built image - it's all over the place, I don't think the author has a very firm grasp on Docker.
Thank you very much for taking your time to review the article.
Some of the things you listed as things I didn't touch on the article is true. I didn't cover those.
But this article is for beginners and I also indicate that there's an advanced content coming up on it.
For example, when I mentioned Volumes in Chapter 4, I added this "We haven’t discussed Docker Volumes in this guide but you can visit the Docker Content Hub for more advanced topics like Volumes."
To let readers know that there's an advanced topic that covers other concepts.
I even indicated it at the beginning of chapter 4 "Let me know in the comments section. I will share it with you."
Talking about common pitfalls for exposing ports. I didn't go in depth into PORTS because that knowledge will be too overwhelming at that point. At least, you should know how to dockerize an application before trying to secure it.
I have an Advanced Docker content coming up that covers Docker Security, that's where your feedback will be very help which I appreciate by the way.
Lastly, I never encourage storing secrets openly and committing it to git. That is a bad practice in software engineering.
In development, we all store our secrets in an .env file (if you use JavaScript) that is the standard but when deploying or on production, you move your secret to somewhere safe.
So that's the same concept for the article, while building your dockerized app in development I created the common.env file to hold the secrets in my development. During production, It will be secured according to standards and best practices.
I may not have indicated it like this doesn't mean I'm encourage the wrong thing. Beside for a developer to consider learning and using Docker, the developer must have been developing and deploying apps for a while and should know the best practices with SECRETS.
Next time, I will consider indicating it, Thanks to your feedback.
I took an issue with the post primarily because it's misrepresented as "A definitive guide [...]" which sets high expectations in terms of depth and quality of information. It's not even close to living up to those expectations, but I wouldn't have any problem with it had the post been more truthfully titled as "Beginners guide to Docker in 2023" or similar.
> I'm sorry for the harsh words. I wondered if I should keep silent or prevent other people from wasting their time with this. The low quality had me annoyed enough to opt for the latter.
The harshness of your words don't really have much to do with the information you were trying to convey. You could have made the same point -- perhaps more convincingly -- if you had avoided phrases like "awful" and "pure junk."
Many texts look like they were copied from a Docker commercial. For instance the mention of Docker Swarm won't mean anything to someone that doesn't already know Swarm. And there's no distinction of main components against optional components like Swarm.
The final comparison to other container systems is pure junk. It should at least mention when the containers are compatible (like Podman) or not (like LXC).
I'm sorry for the harsh words. I wondered if I should keep silent or prevent other people from wasting their time with this. The low quality had me annoyed enough to opt for the latter.