Containers lower the bar since the developer doesn’t need to make their program work on every system - just the container’s system.
Price we pay for more programs. And they bring boons like read-only, rootless, limited capabilities, and constrained perf limits (esp if you use Podman with Quadlets).
And don’t feel trapped - the Dockerfile is a recipe to build that program. Probably want to do it in an LXC container since it’ll want to use /data for its data or something. But the LXC container can also be run as a user but the program thinks it’s root. Plenty of security abounds!
I think it’s worth the price and you’re not trapped. They’re trapped with you and your robust Quadlet files
Containers lower the bar since the developer doesn’t need to make their program work on every system - just the container’s system.
Price we pay for more programs. And they bring boons like read-only, rootless, limited capabilities, and constrained perf limits (esp if you use Podman with Quadlets).
And don’t feel trapped - the Dockerfile is a recipe to build that program. Probably want to do it in an LXC container since it’ll want to use /data for its data or something. But the LXC container can also be run as a user but the program thinks it’s root. Plenty of security abounds!
I think it’s worth the price and you’re not trapped. They’re trapped with you and your robust Quadlet files