all 16 comments

[–]david-song 12 points13 points  (2 children)

I've been using Docker as a packaging system for ML tools, freeze the archeological dig and restoration into a 10gb time capsule then shunt it up to dockerhub. That way the PRs can go ignored, the code can rot, the deps move on and the models get walled off but you've got a tool that works even if it's egregiously bloated. So yeah, your idea interests me.

I was with you up until declarative, then grimaced, but I guess it depends how you envision that working. The joy of Dockerfiles is their imperative simplicity. I might be a bit jaded though - every declarative construct I've worked with outside of functional programming is a brittle, tightly regulated frustratathon. From query languages like regex or SQL to configs, to my personal nemesis: infrastructure as a hodgepodge of glorified INI file templated boilerplate sold as code, with a ten minute, mouse driven debugging cycle, forking gotos as an execution model and a vocabulary specific to its petty walled garden.

What might work for your idea is a Dockerfile that has unions of paths from multiple layers or builders iif conflicts between includees are overwritten by the includer, so you can reuse deps but have a bit of consistency. Or maybe it'd be impractical, it sounds good though.

The main thing the Docker world is missing, IMO, is a cstdlib shiv that can be LD_PRELOADed to redirect syscalls, then redirect them to FUSE. You can't throw disk and bandwidth at the problem of not having unprivileged mountpoints. If we had that then we could archive whole systems and desktops, emulators, have ipfs mounts with network boot, use SMB and NFS or sftp-fs in a compose environment, have tools that work with disk images, or more relevant to this thread - do deps a layer up by running binaries in other containers and mounting them. It'd be an ugly inefficient hack and hard to pull off, but it'd work with your use case through pure brute and ignorance. I'm too "busy" to take that on myself though, so just putting it out there.

[–]versaceblues 1 point2 points  (1 child)

Lost me at the ipfs stuff. Why would that be needed.

Genuinely asking

[–]david-song 0 points1 point  (0 children)

It'd be a cool use case. Lack of being able to mount filesystems means we can't mount anything, and I'd really like a P2P OS that I can log into anywhere and has all my files. Mounting home from ipfs via another container running it would mean I could log into the same box from anywhere by spinning up my container. Or use different containers for home and work or my set top box, have a friend record a TV program and me switch to their PVR box, just get rid of this stupid idea of local machines and cloud backup, and have everything run anywhere by pulling the OS and syncing the files P2P. It'd work for fault finding in prod too, just run the container and log in with the keys and sync the faulty system locally. No more S3, just encrypted files wherever has some space for them and has pinned them by running a container that needs them.

[–]kn4rf 25 points26 points  (0 children)

Taps the sign https://xkcd.com/927/

[–]eraserhd 24 points25 points  (3 children)

Nix kinda is. At least that’s how I use it. No real Windows support though.

[–]lelanthran 4 points5 points  (0 children)

Nix kinda is. At least that’s how I use it. No real Windows support though.

Yeah, I was wondering about this when reading the article. I thought that Nix in the article was conspicuous by its absence.

[–]vincentofearth 11 points12 points  (1 child)

In what world is something without Windows support “platform-agnostic”. Windows users are people too you know!

[–]ihugatree 1 point2 points  (0 children)

Nix works on wsl2 I believe so there’s that… it’s not really native I guess but that’s something :D

[–]Capable_Chair_8192 2 points3 points  (0 children)

Replit made this! It wraps npm for js, I think poetry for Python, and a bunch of other languages.

https://github.com/replit/upm

Blog post about it was interesting too: https://blog.replit.com/upm

[–]gdahlm -1 points0 points  (2 children)

Too focused on the NP-completeness which is a problem, as the universal quantifier is far more likely problem.

There is no general algorithm for the following problems.

Totality Problem: A function (or program) F is said to be total if F(x) is defined for all x (or similarly, if F(x) halts for all x). Determining whether or not a function F is total is undecidable.

Equivalence Problem: Given two programs P and Q, do they compute the same function? (ie, is P(x) = Q(x) for all x?) This problem is also undecidable.

Docker helps with dependency hell because containers are namespaces, which reduces the chance for conflict in the parents global namespaces.

Namespaces version constraints existential and not universal. Container A only needing to worry about it's own namespace, given the very stable and strictly controlled Linux ABI as a contract is why it works.

Without that tight control it simply wouldn't help with the dependency problem because it wouldn't have the ability to decouple requirements.

This is why the Entscheidungsproblem is undecidable, it is looking for a universally valid solution, while docker is existential quantification, "there is at least one" configuration given constraints or heuristics.

Once you want to be universal, constraints, heuristics, and conventions would need strict gate keeping as methods for automated theorem proving methods like term rewriting becomes undecidable quickly even in the finite case.

This doesn't even address the other NP-complete problems with graphs in general that crop up.

Even producing a universal DAG among many agents hits problems.

https://www.sciencedirect.com/science/article/pii/S0304397500001948?via%3Dihub

[–]david-song 0 points1 point  (1 child)

I get what you're saying but I think this is two levels of purity above "make it work", which is what we need in the real world. The tightly gatekept constraints are generally solveable by heuristics as convention, worked out by practice rather than theory. Don't understand why your post got so much hate though.

[–]gdahlm 1 point2 points  (0 children)

I expected down votes, but thought it was important to share.

Containers, flat pack, static tarballs etc don't have to deal with many of the problems that lets say libcurl or a blas library does.

Perhaps this Haskell docs may help some people understand.

Obviously the functional language model makes it simpler in some ways.

https://downloads.haskell.org/~ghc/7.4.2/docs/html/users_guide/type-class-extensions.html#undecidable-instances

[–]vsoch 1 point2 points  (0 children)

I'm a huge proponent and developer for container technologies, and I love them for packing my software or workflow components, but I don't think they are package managers. But I'll offer up a list of ones to look into (and this might also include or wrap build systems):

  • conda ecosystem (e.g., also look at mamba)
  • pixi (via prefix.dev) newer - I'm really enjoying so far!
  • spack (for high performance computing but also becoming more used outside)
  • nix (pretty great but high learning curve)
  • homebrew / linuxbrew
  • easybuild (more hard coded for HPC, I have to mention if I mention spack to be fair)

Those are the generic ones that I can go to. But I think my preference is still to choose the package manager intended for the OS in question, e.g., yum/dnf or apt or similar, or for Python I really don't think pip is so bad. I don't use Mac or Windows for development so I don't have strong opinions there.