• 0 Posts
  • 28 Comments
Joined 3 years ago
cake
Cake day: June 15th, 2023

help-circle
  • It really depends on which Socket Services the container requires. If you have a lot of containers that all need the same set of Socket Services, you could potentially use a single socket-proxy to serve all of them (in theory, I think).

    I usually run one per stack, sometimes more if I have a container within my stack that requires more/different Socket Services to the other(s).

    I’m not a docker expert though, so I’m not sure I can say what’s recommended. If you find/get a more authoritative answer on this question, I’d be interested to know.



  • The risk is certainly lower if you’re not exposing services to the internet, but that’s not the only way to end up with a rogue container. I use docker-socket-proxy for most of my stacks that need socket access. It can sometimes require a little bit of troubleshooting to understand what services you need to proxy, but I’ve had a pretty good success rate. Reading the logs from the socket-proxy and referring to the Docker Engine API documentation will help you to understand what Services you need to enable in the socket-proxy config.



  • I haven’t finished watching the season yet, but it’s definitely not as good as season one. Company Retreat, the setting and the fate of the company, do not have the same gravitas as a court case. Rather than being unique, as season one was, this second season feels like a poor version of The Office (US). I understand it would’ve been difficult to pull off another Jury Duty without the “hero” realising what was going on, but I’m sure they could’ve come up with a more intense scenario than a company retreat.