Docker is deleting Open Source organisations - what you need to know

1556 points, by alexellisuk, about 2 years ago

96 comments

dbingham, about 2 years ago
As an SRE Manager, this is causing me a hell of a headache this morning.

In 30 days a bunch of images we depend on may just disappear. We mostly depend on images from relatively large organizations (`alpine`, `node`, `golang`, etc), so one would want to believe that we'll be fine - they're all either in the open source program or will pay. But I can't hang my hat on that. If those images disappear, we lose the ability to release and that's not acceptable.

There's no way for us to see which organizations have paid and which haven't. Which are members of the open source program and which aren't. I can't even tell which images are likely at risk.

The best I can come up with, at the moment, is waiting for each organization to make some sort of announcement with one of "We've paid, don't worry", "We're migrating, here's where", or "We've applied to the open source program". And if organizations don't do that... I mean, 30 days isn't enough time to find alternatives and migrate.

So we're just left basically hoping that nothing blows up in 30 days.

And companies that do that to me give me a *very* strong incentive to never use their products and tools if I can avoid it.

jon-wood, about 2 years ago
Docker the tool has been a massive benefit to software development, every now and then I have a moan about the hassle of getting something bootstrapped to run on Docker, but it's still worlds better than the old ways of managing dependencies and making sure everyone on a project is aligned on what versions of things are installed.

Unfortunately Docker the company appears to be dying, this is the latest in a long line of decisions that are clearly being made because they can't work out how to build a business around what is at its core a nice UI for Linux containers. My hope is that before the inevitable shuttering of Docker Inc another organisation (ideally a coop of some variety, but that's probably wishful thinking) pops up to take over the bits that matter, and then hopefully we can all stop trying to keep up with the latest way in which our workflows have been broken to try and make a few dollars.

FlyingSnake, about 2 years ago
> Start publishing images to GitHub

And when GitHub starts similar shenanigans, move out to where? I am old enough to know that we can't trust BigTech and their unpredictable behaviors.

Eventually we need to start a Codeberg like alternative using Prototype funds to be self reliant.

1: https://codeberg.org/
2: https://prototypefund.de/

JonChesterfield, about 2 years ago
My first thought on this was good riddance. The dev model of "we've lost track of our dependencies so ship Ubuntu and a load of state" never sat well.

However it looks like the main effect is going to be moving more of open source onto GitHub, aka under Microsoft's control, and the level of faith people have in Microsoft not destroying their competitor for profit is surreal.

PedroBatista, about 2 years ago
The truth is Docker (the company) could never capitalize the success of their software. They clearly need the money and I have the impression things have not been "great" in the last couple of years. (regardless of reasons)

The truth is also the fact that most people/organizations never paid a dime for the software *or* the service, and I'm talking about Billion dollar organizations that paid ridiculous amounts of money for both "DevOps Managers" and consultants but the actual source of the images they pull are either from "some dude" or some opensource orgs.

I get that there will be many "innocent victims" of the circumstances but most people who are crying now are the same ones who previously only took, never gave and are panicking because as Warren Buffett says: "Only when the tide goes out do you discover who's been swimming naked."

And there are a lot of engineering managers and organizations who like to brag with expressions like "Software supply chains" and we'll find out who has been swimming with their willy out.

tyingq, about 2 years ago
The only real moat they seem to have here is that "FROM" in a Dockerfile, "image:" in a docker-compose.yml file, and the docker command line default "somestring" as an image to "hub.docker.com:somestring".

They pushed that with the aggressive rate limiting first though, which caused a lot of people to now understand that paragraph above and use proxies, specify a different "hub", etc.

So this move, to me, has less leverage than they might have intended, since the previous move already educated people on how to work around docker hub.

At some point, they force everyone's hand and lose their moat.

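An added example, not part of the thread or any project's code: a Python sketch of the defaulting tyingq describes, used to inventory which `FROM` and `image:` references resolve to Docker Hub. It expands short names to the canonical `docker.io/...` form with a simplified version of the CLI's rule; the sample files and the `exampleorg/widget` image are constructed.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

DEFAULT_REGISTRY = "docker.io"      # what a bare image name resolves to
HUB_ALIASES = {"index.docker.io"}   # legacy hostname for the same registry
OFFICIAL_NAMESPACE = "library"      # implicit namespace for one-word names


@dataclass(frozen=True)
class ImageRef:
    registry: str
    repository: str
    tag: Optional[str]
    digest: Optional[str]

    @property
    def canonical(self) -> str:
        out = f"{self.registry}/{self.repository}"
        if self.tag:
            out += f":{self.tag}"
        if self.digest:
            out += f"@{self.digest}"
        return out


def normalise(ref: str) -> ImageRef:
    """Expand a short image reference to registry/repository:tag (simplified)."""
    name, _, digest = ref.partition("@")
    tag = None
    # A colon marks a tag only after the last slash; before it, the colon
    # is the port of a registry host (localhost:5000/app).
    if ":" in name.rsplit("/", 1)[-1]:
        name, tag = name.rsplit(":", 1)
    first, slash, rest = name.partition("/")
    if slash and ("." in first or ":" in first or first == "localhost"):
        registry, repository = first, rest
    else:
        registry, repository = DEFAULT_REGISTRY, name
    if registry in HUB_ALIASES:
        registry = DEFAULT_REGISTRY
    if registry == DEFAULT_REGISTRY and "/" not in repository:
        repository = f"{OFFICIAL_NAMESPACE}/{repository}"
    if tag is None and not digest:
        tag = "latest"
    return ImageRef(registry, repository, tag, digest or None)


def classify(ref: ImageRef) -> str:
    if ref.registry != DEFAULT_REGISTRY:
        return "other-registry"
    if ref.repository.startswith(OFFICIAL_NAMESPACE + "/"):
        return "hub-official"
    # The name alone cannot tell an organisation from a personal account,
    # so every namespaced Hub image is flagged for a manual check.
    return "hub-namespace"


FROM_RE = re.compile(r"^\s*FROM\s+(?:--\S+\s+)*(\S+)(?:\s+AS\s+(\S+))?", re.I)
COMPOSE_RE = re.compile(r"^\s*image:\s*[\"']?([^\"'\s#]+)")


def references(text: str) -> List[str]:
    """Collect image references from Dockerfile or docker-compose.yml text."""
    stages, refs = set(), []
    for line in text.splitlines():
        m = FROM_RE.match(line)
        if m:
            ref, alias = m.group(1), m.group(2)
            # Skip the empty base image and names of earlier build stages.
            if ref.lower() != "scratch" and ref.lower() not in stages:
                refs.append(ref)
            if alias:
                stages.add(alias.lower())
            continue
        m = COMPOSE_RE.match(line)
        if m:
            refs.append(m.group(1))
    return refs


def inventory(text: str) -> List[Tuple[str, str, str]]:
    """Return (as written, canonical form, classification) per reference."""
    rows = []
    for raw in references(text):
        if "$" in raw:  # build-arg substitution: cannot be resolved statically
            rows.append((raw, raw, "unresolved-variable"))
            continue
        ref = normalise(raw)
        rows.append((raw, ref.canonical, classify(ref)))
    return rows


# Constructed sample inputs.
SAMPLE_DOCKERFILE = """\
ARG BASE=alpine:3.17
FROM golang:1.20 AS build
FROM --platform=linux/amd64 exampleorg/widget:1.4 AS widget
FROM build AS test
FROM harbor.company/library/debian:bullseye
FROM ${BASE}
FROM scratch
"""
SAMPLE_COMPOSE = (
    "services:\n  web:\n    image: \"node\"\n  cache:\n"
    "    image: localhost:5000/cache@sha256:" + "0" * 64 + "\n"
)

if __name__ == "__main__":
    for row in inventory(SAMPLE_DOCKERFILE) + inventory(SAMPLE_COMPOSE):
        print("%-45s %-50s %s" % row)
```

Rows classified `hub-namespace` are the ones to check against the publisher's announcements; `unresolved-variable` rows need the build arguments actually used in CI.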
jiggywiggy, about 2 years ago
It was always unbelievable to me how much they hosted for free. I recklessly pushed over 100gbs of containers the last years, all free. Never made sense to me, even google doesn't do this anymore.

nrvn, about 2 years ago
After Docker announced rate limiting for the hub this was an anticipated move. Was just the matter of time.

The only recommendation to everyone: move away or duplicate.

One of the strategies I am yet to test is the synchronization between gitlab and github for protected branches and tags and relying on their container registries. Thus (at least) you provide multiple ways to serve public images for free and with relatively low hassle.

And then for open source projects’ maintainers: provide a one command way to reproducibly build images from scratch to serve them from wherever users want. In production I don’t want to depend on public registries at all and if anything I must be able to build images on my own and expect them to be the same as their publicly built counterparts. Mirroring images is the primary way, reproducing is the fallback option and also helps to verify the integrity.

Havoc, about 2 years ago
To me this smells of VC model issues.

Initially it's great if you can get all the FOSS to play in your technology walled garden. Subsidize it with VC cash.

Downside is it generates a ton of traffic that is hard to monetize. Sooner or later it reaches a point where it can't be subsidized and then you get pay up or get out decisions like this.

One question I haven't seen yet is 420 USD? Is that what it costs to serve the average FOSS project? Or is that number a bad Elon style joke? If they came out with "We've calculated X as actual costs. We're making no margin on this but can't free lunch this anymore" that would go down a lot better I think.

ridruejo, about 2 years ago
Without entering into the specifics of this situation, I don’t understand the hate for Docker the company. They are providing a huge service for the community and looking for ways to make money from it to make it sustainable. I would give them a bit more empathy/benefit of the doubt as they iterate on their approach. Somewhere, somehow, someone has to pay for that storage and bandwidth whether directly or indirectly (I am old enough to remember what happened with sourceforge so I rather them find a model that works for everyone)

roydivision, about 2 years ago
Docker should never have become a business. There’s virtually nothing there to make a business around, it’s a suite of useful utilities that should have remained a simple open source project. I switched to podman a while ago and haven’t looked back.

koolba, about 2 years ago
Can we just get the big three cloud players to make a new public repo? They’ve got oodles of bandwidth and storage, plus the advantage that a lot of access would be local to their private networks.

Setup a non-profit, dedicate resources from each of them spendable as $X dollars of credits, and this problem is solved in a way that works for the real world. Not some federated mess that will never get off the ground.

millerm, about 2 years ago
I suppose BitTorrent for Images should be a thing (again?)

Discussions of decentralization and redundancy always come up in software/system design and development, but we seem to always gravitate to bottlenecks and full dependency on single entities for the tools we "need".

tolmasky, about 2 years ago
Could IPFS possibly be a good distributed (and free?) storage backing for whatever replaces DockerHub for Open Source, as opposed to using something like GitHub? We'd still need a registry for mapping the image name to CID, along with users/teams/etc., but that simple database should be much cheaper to run than actually handling the actual storage of images and the bandwidth for downloading images.

foepys, about 2 years ago
I posted this in the other thread already but will also add it here. https://news.ycombinator.com/item?id=35167136

---

In an ideal world every project had its own registry. Those centralized registries/package managers that are baked into tools are one of the reasons why hijacking namespaces (and typos of them) is even possible and so bad.

Externalizing hosting costs to other parties is very attractive but if you are truly open source you can tell everybody to build the packages themselves from source and provide a script (or in this case a large Dockerfile) for that. No hosting of binary images necessary for small projects.

Especially since a lot of open source projects are not used by other OSS but by large organizations I don't see the need to burden others with the costs for these businesses. Spinning this into "Docker hates Open Source" is absolutely missing the point.

Linux distributions figured out decades ago that universities are willing to help out with decentralized distribution of their binaries. Why shouldn't this work for other essential OSS as well?

cookiengineer, about 2 years ago
Does anybody know whether there could be something like an open/libre container registry?

Maybe the cloud native foundation or the linux foundation could provide something like this to prevent vendor lock-ins?

I was coincidentally trying out harbor again over the last days, and it seems nice as a managed or self-hosted alternative. [1] after some discussions we probably gonna go with that, because we want to prevent another potential lock-in with sonarpoint's nexus.

Does anybody have similar migration plans?

The thing that worries me the most is storage expectations, caching and purging unneeded cache entries.

I have no idea how large/huge a registry can get or what to expect. I imagine alpine images to be much smaller than say, the ubuntu images where the apt caches weren't removed afterwards.

[1] https://goharbor.io

VadimBauer, about 2 years ago
Many people are quite upset. But on the other hand, how many years could this work? Petabytes of data and traffic.

When we started to offer an alternative to Docker Hub in 2015-2016 with container-registry.com, everyone was laughing at us. Why are you doing that, you are the only one, Docker Hub is free or almost free.

Owning your data and having full control over the distribution is crucial for every project, even open source.

scoopr, about 2 years ago
I'm not too familiar with docker infra at large, but could the docker hub in principle act just as a namespace such that the opensource projects could have the images hosted elsewhere, but docker hub just redirects them there, so saving on the bandwidth on those?

I suppose there are hand-wavy business reasons not to do that, but somehow I feel that would:

  1. Still keep themselves in the loop and relevant, owning the namespace/hub/main registry
  2. Offset the costs of those that they don't want to deal with (push them to ghcr or whatever)
  3. Preserve some notion of goodwill in not breaking the whole dockerverse

bmitc, about 2 years ago
It is my understanding that Microsoft has previously tried to purchase Docker. Despite me having problems with companies buying up each other, I wouldn't be surprised if Microsoft revisits, or already is revisiting, buying Docker.

Being a heavy Visual Studio Code user, I have centered my personal development around Docker containers using VS Code's Devcontainer feature, which is a very, very nice way of developing. All I need installed is VS Code and Docker, and I can pull down and start developing any project. (I'm not there yet for all my personal projects, but that's where I'm headed.)

advancingu, about 2 years ago
As I commented in yesterday's thread, this is not the first time Docker is pulling the plug on people with very short advance notice: See https://news.ycombinator.com/item?id=16665130 from 2018

Someone back then even wondered what would happen if such a change happened to Docker Hub https://news.ycombinator.com/item?id=16665340 and here we are today.

justusw, about 2 years ago
As long as we don’t share ownership in these platforms, nothing will ever truly belong to us. For Docker, the software, a Libre alternative is Podman. Instead of GitHub, use Codeberg, an open organization and service.

Now we need a Docker registry cooperative owned by everyone.

nottorp, about 2 years ago
Hmm.

> GitHub's Container Registry offers free storage for public images.

But for how long?

boredumb, about 2 years ago
Docker had the ability to be baked into nearly every enterprise tech stack and extract money accordingly, instead they take time every 2 years to torment users. They will end up going down as one of the biggest missed plays in modern software.

Wronnay, about 2 years ago
Gitea has support for packages, so if you don't want to use GitHub or something similar, you could simply self-host your packages.

roughly, about 2 years ago
The ongoing Docker saga has convinced me I’m never, ever, ever making a product for developers.

numbsafari, about 2 years ago
Docker have a responsibility to _their_ customers, not just OpenFaas and other open source projects. _Docker's_ customers rely on them to provide a safe and reliable service. If Docker allows these projects to be taken over by nefarious actors, then the risk falls to _their_ customers, not the Open Source projects that they've broken with.

Groxx, about 2 years ago
> *Has Docker forgotten Remember leftpad?*

Anyone who takes even a brief glance at the absurdly yolo identity, upgrade, and permissions model Docker encourages should be able to answer this with an immediate "obviously they don't care".

The faster this implodes, the faster we get a safer setup where we don't blindly trust everything.

technick, about 2 years ago
Docker is shooting itself in the foot. Oddly I decided to put on the docker shirt from one of their 2016 hackathons today before reading the news. I'm embarrassed to own this shirt and will throw it away after today.

RIP Docker, your former self will be missed while your current self will be loathed.

preciousoo, about 2 years ago
Side note: what did happen to Travis? I was just googling them yesterday because they were everywhere. They even came with the GitHub education package.

Did GitHub just eat them?

MarkSweep, about 2 years ago
One annoyance with how docker images are specified is they include the location where they are stored. So if you want to change where you store your image you break everyone.

I wonder if what registry.k8s.io does could be generalized:

https://github.com/kubernetes/registry.k8s.io/blob/main/cmd/archeio/docs/request-handling.md

The idea is that, depending on which cloud you are pulling the image from, they will use the closest blob store to service the request. This also has the effect that you could change the source of truth for the registry without breaking all Dockerfiles.

mc4ndr3, about 2 years ago
I am confused by the meaning of Docker's announcement. They keep saying "organizations" will have Docker images deleted. Does that include personal FOSS images or not? Because the vast majority of Docker Hub images are uploaded by individual contributors, not "organizations."

Too bad about their poor relationship with the FOSS community. I've applied to them for years, and actually merged some minor patches to Docker to help resolve a go dependency fiasco. Zero offers.

I guess the next logical move is to republish any and all non-enterprise Docker images to a more flexible host like the GitHub registry.

jszymborski, about 2 years ago
Has there been any work on making these centralised public repositories distributed?

sigwinch28, about 2 years ago
This is incredibly frustrating to deal with because of how deeply the registry name is baked into Dockerfiles and image names. We end up "mirroring" our base images but there's some disconnect internally between "oh, yeah, our harbor.company/library/debian:bullseye is some random pull of library/debian:bullseye from the docker hub".

Imagine if you needed to change mirrors for `apt` and as part of that process you had to change all of the names of installed packages because the hostname of the mirror formed part of the package's identifier.

lloydatkinson, about 2 years ago
Is there any progress on podman for Windows or any other way of running containers on Windows? I cannot wait for the day the development community doesn't need to rely on anything from this company.

aurelien, about 2 years ago
This is cool and I explain why:
- cool because advocate for a proprietary technology hidden behind Open Source and Free Software purism is a fallacy
- cool because by these actions you improve their business against users freedoms

And most of all, Cool because I hope you and other will take the time to ask yourself before advocating a technology:

Is this technology good for my rights and by the way for knowledge of all.

Dowwie, about 2 years ago
It's going to cost companies a lot more money to migrate their docker dependencies than simply pay their open source dependency maintainers to keep the org intact. Might as well become a project sponsor!

This could be the best thing to happen to open source projects if the argument is framed correctly. You don't solve a cost problem by pursuing a more costly alternative.

tyranron, about 2 years ago
From the article:

> If you are able to completely delete your organisation, then you could re-create it as a free personal account. That should be enough to reserve the name to prevent hostile take-over. Has Docker forgotten Remember leftpad?
>
> This is unlikely that large projects can simply delete their organisation and all its images.
>
> If that's the case, and you can tolerate some downtime, you could try the following:
> - Create a new personal user account
> - Mirror all images and tags required to the new user account
> - Delete the organisation
> - Rename the personal user account to the name of the organisation

Seems like no?

We cannot rename personal accounts on Docker Hub in 2023. There is no such feature in account settings, and here is the related issue: https://github.com/docker/roadmap/issues/44

So, at the moment, any public organization images are doomed to be lost, if they won't pay.

twblalock, about 2 years ago
It was sad to see people defending Docker Desktop changing from free to paid licenses. Now Docker is charging for even more things that used to be free.

The defenders are reaping what they have sown. Next time a company starts to charge for things that used to be free, remember not to encourage it, because that will only make it happen more.

People don't like this and many of them are not going to trust Docker in the future.

thrashh, about 2 years ago
You know what I love about Java’s library ecosystem?

You configure your project to use the de-facto ones…

OR you configure your project (not your system’s user profile!) to use your own internal registry/repo

And all the repo software supports pull-through from every other repo, so you cache all your dependencies however you want and have full control over everything.

Why does pretty much no other ecosystem do this?

martypitt, about 2 years ago
I think it's an interesting challenge with FOSS infrastructure in general, and I'm surprised it isn't more of an issue.

Docker's storage is heavier than most, but what about other repositories like maven central, and npm? There must be significant costs associated with running those.

These tools are all the backbone of modern software dev, and need a business model. It's reasonable that consumers should pay for the benefit. I think Docker have screwed the execution of this transition, but the overall pattern of "someone has to pay" is one I support.

Personally, I pay for Docker. I use it every day, and get value from it.

The argument that the OP makes is really valid though - OSS needs distribution channels, which need to be funded - and expecting the publisher to pay for this isn't always appropriate.

I'd like to see something like the equivalent of CNCF which I can buy a subscription from, and it funnels money to the companies and developers that keep me in a job -- almost a Spotify model for OSS and its supporting infrastructure.

Quekid5, about 2 years ago
Are they actively trying to hasten their own demise?

I guess I'll be moving our (FOSS) container images to GitHub Registry... but what a pain :/

jhoelzel, about 2 years ago
Please don't forget that you can cache all these images in your own registry! you will still have to worry about how to get updates, but set up a private registry and deal with this on your own time!

As a side note, Rancher desktop is good enough. Docker has repeatedly demonstrated that they just were the first ones and not by any means the best ones.

dnsmichi, about 2 years ago
Thanks for the many insights in this discussion.

I've collected them and added more analysis, inventory and mitigation tips in a new blog post. (GitLab team member here)

https://about.gitlab.com/blog/2023/03/16/how-gitlab-can-help-mitigate-deletion-open-source-images-docker-hub/

The blog post includes a Python script to programmatically search CI/CD configurations in GitLab, shows the Dependency Proxy and container registry possibilities, and discusses more ideas around custom Docker images (Dockerfile: FROM), Kubernetes/IaC image usage, policies and Observability. Hope sharing this knowledge helps :-)

nerdjon, about 2 years ago
I am missing something and I can't find a concrete explanation anywhere.

What exactly does this mean as someone who pulls images but doesn't push to docker hub?

Within a month or so are we going to start getting failures trying to pull images or docker hub no longer being updated and needing to start pulling from somewhere else?

bombolo, about 2 years ago
> Cybersquat before a bad actor can

I don't see why the duty of preventing this falls on the shoulders of the maintainers that are being kicked out to begin with.

I don't publish on docker hub, but if they were in the process of kicking me out, I'd let the chip fall and let them deal with any eventual disaster.

rvz, about 2 years ago
Tough. Should have self-hosted rather than get yourself locked in. (Again)

> Start publishing images to GitHub

> GitHub's Container Registry offers free storage for public images. It doesn't require service accounts or long-lived tokens to be stored as secrets in CI, because it can mint a short-lived token to access ghcr.io already.

Even after the montage of outages. Still suggesting to re-centralizing back to GitHub as the solution is really asking for more disappointment. [0]

Once again, we have learned nothing.

[0] https://news.ycombinator.com/item?id=34843847

[1] https://news.ycombinator.com/item?id=22867803

54656g3, about 2 years ago
Well I am thankful because I don't use Docker in my professional life but do in my personal life. I guess I will rebuild my system without Docker. It made things easy but I have no interest in trying to track bullshit like this as an end user.

I guess Docker is as good as dead.

jiggawatts, about 2 years ago
Microsoft’s Azure Container Registry now has a check box feature to “vendor” external container images. This takes more space obviously but will protect systems from critical base images suddenly disappearing or becoming rate-limited.

sneak, about 2 years ago
The fact that this was allowed to be carried out in this manner means, in my view, that the capital-D Docker brand is basically toast now.

There is no set of subsequent decisions that allows serious people to trust them.

ixtli, about 2 years ago
Profit motive above all else is fundamentally incompatible with the social engine that powers the open source community. It always has been and always will be. I'm no longer surprised, but I'm still disappointed.

zxcvbn4038, about 2 years ago
The OP goes through a lot of trouble to obscure they are asking for $35 a month, which honestly I think most people can afford, even if it's open source software they develop only out of kindness. So I'm not really buying that argument.

That said I don't really want to reward Docker for writing themselves in as the distribution hub for all things docker and then more or less extorting money from people.

I think the solution is don't give Docker a dime, just run your own registry in Digital Ocean, that's $5/m. If we can front the registry server with a CDN then it's potentially free.

imhoguy, about 2 years ago
IPFS or Torrents would be ideal way to host and distribute docker images as every layer is content addressable therefore read-only. I don't mind to seed any public images I keep running on my server.

pmlnr, about 2 years ago
> if we don't pay up, systems will break for many free users.

Yep. These things happen, which is why hosting a copy on your own gitea, website, etc is so important.

> Start publishing images to GitHub

Why, to have this repeated in a few years time?

sigwinch28, about 2 years ago
If you are using containerd then you might find the "hosts" section of the configuration file useful: https://github.com/containerd/containerd/blob/main/docs/hosts.md

You could mirror the images to another registry of your choosing and then use containerd configuration as a stopgap until you update all of your `FROM`/`image` fields.

raesene9, about 2 years ago
Image hosting at scale is an expensive business and Docker are not the only ones trying to manage the costs.

Kubernetes is currently in the process of changing the main repository for their images because, as I understand it, they're burning through their free GCP credits at an unsustainable rate.

Ideally Docker Hub would be an industry funded effort, but that would require co-operation and funding from the major tech. players, and I have a feeling that in an era of cost cutting, that might be harder to achieve than it was in the past.

pxc, about 2 years ago
Maybe the process of rerunning upstream Dockerfiles in an attempt to recover lost images and then, in many cases, getting back substantially different images will help illustrate to more teams the difference between what Docker itself achieves (easily distributable disk images, which are very useful) and reproducibility.

(Hopefully most of those differences end up being unimportant and little to no tweaks to the tools using those images is required, though.)

unilynx, about 2 years ago
It seems to me that the only thing more devastating for a lot of developers would be npmjs.com blowing up like this because they desperately needed funding. But they got acquired by parties in no rush to profit off them

Why didn't any of the big tech acquire Docker and their registry? They don't appear to be less interesting than npmjs considering technology or ecosystem. Did they resist being acquired and has the opportunity passed?

LoonyFruiter, about 2 years ago
What alternatives to docker are there on ARM based devices like apple silicon macs? I'd like to get off of Docker in light of this change.

Simran-B, about 2 years ago
Google's crane tool to efficiently copy images from Docker Hub to e.g. GitHub's Container Registry, in case you want to migrate: https://github.com/google/go-containerregistry/tree/main/cmd/crane#readme

nathantotten大约 2 年前
Its pretty easy to setup a Github Action that mirrors images to a private registry. We use this to mirror to GCP Artifact registry: <a href="https:&#x2F;&#x2F;zuplo.com&#x2F;blog&#x2F;2023&#x2F;03&#x2F;15&#x2F;mirroring-docker-images-with-github-actions" rel="nofollow">https:&#x2F;&#x2F;zuplo.com&#x2F;blog&#x2F;2023&#x2F;03&#x2F;15&#x2F;mirroring-docker-images-wi...</a>
muhehe大约 2 年前
Can someone recommend some simple &quot;caching proxy for docker images&quot;? Something where instead of docker&#x2F;podman pull docker.io&#x2F;something I would do docker&#x2F;podman pull my.cache&#x2F;something and it would do the rest. Official docker registry image is supposed to do this, but cannot mirror other repositories outside of dockerhub.
adolph大约 2 年前
<i>Squatting and the effects of malware and poison images is my primary concern here.</i><p>One of the things the docker api has going for it is that it is hash based. Aside from the first time, it doesn’t seem far fetched for a docker api client to refuse or warn based on comparing the new download’s hash to the previous hash.
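
The check described in the comment above, as an added example that is not part of the thread or of any Docker client: a trust-on-first-use pin store that refuses a tag whose manifest digest differs from the one recorded on the first pull. The `pins` store, `check_pull`, `PinMismatch` and the sample manifests are constructed for illustration.

```python
import hashlib
import json

# Constructed sample manifests (not real images): one tag as served on two
# different days, the second time with a different layer behind it.
MANIFEST_V1 = json.dumps({
    "schemaVersion": 2,
    "mediaType": "application/vnd.oci.image.manifest.v1+json",
    "layers": [{"digest": "sha256:" + "a" * 64, "size": 1024}],
}, sort_keys=True).encode()
MANIFEST_V2 = MANIFEST_V1.replace(b"a" * 64, b"b" * 64)


class PinMismatch(Exception):
    """The tag now resolves to different content than was pinned."""


def manifest_digest(manifest_bytes: bytes) -> str:
    """Content address of a manifest: sha256 over the exact bytes served."""
    return "sha256:" + hashlib.sha256(manifest_bytes).hexdigest()


def check_pull(pins: dict, ref: str, manifest_bytes: bytes, claimed: str) -> str:
    """Return 'first-use' or 'match'; raise on any digest disagreement.
    pins    -- hypothetical local store mapping 'repo:tag' -> pinned digest
    claimed -- digest the registry reported for these bytes
    """
    actual = manifest_digest(manifest_bytes)
    if actual != claimed:
        # The bytes do not hash to the advertised digest: corrupt or altered.
        raise ValueError(f"{ref}: content is {actual}, registry claimed {claimed}")
    pinned = pins.get(ref)
    if pinned is None:
        pins[ref] = actual  # trust on first use: nothing to compare against yet
        return "first-use"
    if pinned != actual:
        # Same name, different content: re-pushed tag or a namespace that
        # changed hands. Refuse and leave the old pin in place.
        raise PinMismatch(f"{ref}: pinned {pinned}, registry now serves {actual}")
    return "match"


if __name__ == "__main__":
    pins, ref = {}, "example/app:latest"  # constructed reference
    print(check_pull(pins, ref, MANIFEST_V1, manifest_digest(MANIFEST_V1)))
    try:
        check_pull(pins, ref, MANIFEST_V2, manifest_digest(MANIFEST_V2))
    except PinMismatch as exc:
        print("refused:", exc)
```

Pulling by `name@sha256:<digest>` instead of by tag gives the same guarantee without a local store, because the expected digest is part of the reference itself.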

worik, about 2 years ago
Sucked in.

I am sorry so many people got caught out by this. But it is a regular pattern in tech.

Cory Doctorow coined a word for this: enshittification. https://pluralistic.net/tag/enshittification/

yencabulator, about 2 years ago
Container images should just be files at a URL, anything else just leads to this sort of rent-seeking.

vbezhenar, about 2 years ago
I think that people should switch to GitHub container registry for free images. I don't like this kind of centralisation, but at least one can expect Microsoft to have enough money to provide service for free without strings attached, just like they do with Git hosting.

porker, about 2 years ago
Tweet on the impact of this on the Elixir project: https://mobile.twitter.com/josevalim/status/1635767176769462272

xrd, about 2 years ago
I run multiple docker registries inside dokku. It's fantastic. $5/mo for peace of mind.

nikolay, about 2 years ago
They really want to go in vain, hated, and making people happy they're finally off their continuously degrading service and attitude! I get it, they are a commercial entity, but it seems that even they realize that they are in the mode of agony!

anon4242, about 2 years ago
I wonder if this is related to the large number of more and more desperate sounding emails I've been getting from a Docker sales rep.

Are they bleeding and trying desperately to find additional revenue streams?

ar9av, about 2 years ago
Rock and a hard place. These organizations have large expenses and can't keep giving away so much for free.

OTOH there are many better ways this could have been handled. More notice, discount for existing orgs etc.

OpenVS for life

prepend, about 2 years ago
Is there any drop-in replacement for dockerhub? I’m concerned about all my random oss containers (like ruby-latest) that may come from orgs that aren’t able or willing to pay.

Is there another container hosting site?

al_be_back, about 2 years ago
Sadly, cloud providers (GCE, AWS etc) make it too convenient and cheap to host/manage container/package registries. You also have GitHub, GitLab offering similar services, free or cheap, eating further into Docker's market.

I don't see how they can offer Free accounts to Orgs unless they've a steady-growing paying-customer base to offset running costs.

Unless they massively restrict team size, image size, number of projects, throttle connections - costs would spiral out of control.

numbsafari, about 2 years ago
You don't go to war with the army you want, you go to war with a menagerie of images built and generated by random strangers on the internet your team found in Stack Overflow posts.

mcdermott, about 2 years ago
Switched to Multipass (https://multipass.run/) and run docker with portainer on my Mac there.

saddist0, about 2 years ago
Discord's pricing model has been so much cooler when compared to this reckless move by Docker.

Imagine the following:

[1] Ultra-bad rate-limiting by default to all public images.

[2] X$/month "boost" to have relaxed rate-limit for yourself & contributing some to the community.

[3] The more popular the repository is, the higher rate limit it gets.

[4] After Y$/month, Docker just suggests other repositories to "support", so the $$ trickle down the whole ecosystem.

[5] Simple feature which allows you to quickly view public images you are dependent on. And which one you/your organisation should support.

But hey wait... welcome to the world run by VCs and shitty PM roles. :)

projectazorian, about 2 years ago
Sad but unsurprising; Docker has been slowly transforming into a traditional enterprise software company for quite a while now. They really squandered their potential.

irrational, about 2 years ago
What is the best replacement or alternative to Docker?

synthc, about 2 years ago
Another reminder that VC-funded hosting does not last forever. Self-host your mission critical dependencies folks!

sam0x17, about 2 years ago
They could probably have made more money from 1-line contextual advertising in image pull messages than this shit

rad_gruchalski, about 2 years ago
I just started paying for Docker. I use it daily, it makes my life easier so I decided to pay for it.

ZunarJ5, about 2 years ago
1. I just started teaching myself Docker for my home server. How will this affect me?

2. What is a good alternative to Docker?

Thanks!

didip, about 2 years ago
Docker should have sold to Microsoft. Whatever they have been doing recently is a mistake.

Ekaros, about 2 years ago
It is kinda strange that developers who should be aware of their own costs think that these sorts of services will be free forever or even available and never end. Especially when clearly there is not much monetization going on. Unlike when services are offered with ads.

Big players can carry the costs, but what can small ones really do once money runs out?

dadrian, about 2 years ago
I migrated to GitHub Container Registry in less time than it took to read this blog.

kazinator, about 2 years ago
Ironically, Docker wouldn't exist without Linux kernel support for containers.

coding123, about 2 years ago
There are other repositories to put your images and fetch images, right?

jmac01, about 2 years ago
I haven't used docker but my understanding is that dockerhub hosts docker images which are essentially just text files? Would that be something that could just be migrated to another platform easily or does dockerhub do a lot of other things too?

matt3210, about 2 years ago
Time to switch to Podman

Animats, about 2 years ago
What do we do when Microsoft/GitHub pulls a similar trick?

abdellah123, about 2 years ago
Self-hosting is the only alternative... We cannot depend on the cloud anymore. This is not the first nor the last time something like this happens.

xialvjun, about 2 years ago
We need Nostr like protocols.

Liberonostrud, about 2 years ago
What is the alternative?

Forestessential, about 2 years ago
It's a business

communism, about 2 years ago
socialize Docker!

acd, about 2 years ago
Since Silicon Valley Bank with FDIC takeover, the "free" services will go away. Free central bank money is gone due to higher inflation and interest rates. Free open source tiers are going away.

nikanj, about 2 years ago
All free tiers everywhere are going away, because someone always figures out how to run a crypto miner on them.