[11:54] <cmaloney> morning
[17:26] <cmaloney> Are we having fun yet?
[17:26] <greg-g> just found out no merit increases this year, only a (less than normal) COLA increase for all staff applied uniformly. I can't complain, I have a job.
[17:27] <cmaloney> Yeah, that's hard to complain about
[17:31] <jrwren> i am.
[17:31] <jrwren> TIL: podman has been a better docker replacement for years. dunno why anyone uses docker on linux these days.
[17:50] <cmaloney> habit and mindshare afaict
[18:53] <mrgoodcat> momentum
[18:54] <mrgoodcat>  most people don't have a problem with docker, or if they have a problem they google "how to X with docker" or "make docker do X"
[18:54] <cmaloney> Also if it doesn't work well on Windows then it's a non-starter
[18:54] <mrgoodcat> and container services advertise "works with docker"
[18:55] <mrgoodcat> at many companies, if you use some other docker-like at work and some shit hits the fan you're in trouble even if that same shit would have hit the fan with docker
[18:55] <mrgoodcat> very unlikely you will catch any shit for using docker
[18:55] <cmaloney> Good point
[18:55] <jrwren> we just fired docker so... i dont have to worry about taht ;)
[18:56] <jrwren> 'no one ever got fired for buying IBM'
[18:56] <mrgoodcat> fwiw i have not had any major problems with docker that were not relatively trivial to work around, but I have also not done anything all that advanced
[18:56] <jrwren> me either... until I did.
[18:56] <mrgoodcat> mind sharing?
[18:56] <jrwren> and the more I dug to try to solve it, hte more I learned that garbage docker is.
[18:57] <jrwren> the way it does networking is nasty.
[18:57] <jrwren> the port map doesn't actually port map, it uses a proxy process.
[18:57] <jrwren> that is why you don't get real REMOTE_ADDR
[18:57] <cmaloney> oof
[18:57] <jrwren> and it has some networking options, but none that work the way I need for a sane pihole network setup.
[18:58] <jrwren> but it looks like podman does. I'll let ya know when I get around to actually moving it.
[18:58] <mrgoodcat> i have heard of the not being able to get remote addr problem. most of the time the workaround suggested is to put it behind something like nginx and trust the x-forwarded-for header, but that is a shit solution
[18:59] <jrwren> and the docs for docker actually don't talk about it. they suggest that docker uses iptables and actually does DNAT correctly, but in practice it doesn't.
[18:59] <jrwren> its ok, it is a niche, and I know it.
[18:59] <mrgoodcat> at BigCorp though, they want you to put it behand AWS Elastic Garbage Disposal anyways though which does x-forwarded-for
[18:59] <jrwren> ha!
[18:59] <jrwren> maybe at your big corp.
[18:59] <jrwren> at my bigcorp... well... like I said... we fired docker.
[19:00] <mrgoodcat> where do you work? i use BigCorp as a euphemism for the industry of enterprise software in general
[19:00] <jrwren> oh.
[19:00] <jrwren> I work for Cisco.
[19:00] <mrgoodcat> oh a legit bigcorp
[19:00] <jrwren> yeah.
[19:00] <mrgoodcat> also cisco is like The Champion of host it yourself
[19:00] <jrwren> although ALL of cisco didn't fire docker, just our little piece.
[19:00] <mrgoodcat> obviously they don't want you to aws lol
[19:01] <jrwren> 100 of the 72000