Saturday, October 11, 2025
NixOS has one deadly flaw |> Changelog


Jerod’s Note: The short embedded below of Tammer Saleh on Ship It! created a firestorm of comments from folks who were unhappy with the lack of explanation behind his conclusion.

I caught up with Tammer at KubeCon NA 2023 and took the chance to ask him to clarify and defend the remark. This post is a fancied-up transcript of his response.

It’s better in audio, where I read him some comments & we all have a good chuckle. Play the audio.


NixOS has one deadly flaw, which is the usability of Nix.

(By the way, I really do love the passion in the Nix community. They created that, right? They created those comments. But Nix does have that deadly flaw of a really horrible learning curve and user experience.)

I’ve never talked to a single Nix advocate… for instance, some of the people inside Shopify. Shopify was touted as a place that was going to use Nix holistically, throughout their entire developer experience… And they tried. They put a good effort into it, but I’ve talked to many of the engineers that said:

“No, it was too hard to understand, especially for our new engineers.”

And it simply didn’t work.

That being said, I know there’s a lot of initiatives to fix Nix’s usability. That’s great! I want to see that happen, because I personally am actually very excited about some of the aspects of Nix. What it opens up. NixOS, sure, but just Nix as a package manager in general is just very interesting. It’s a really cool technology.

But also timing.

(I read some of those comments too, and for some reason, this message was lost. So what am I going to do? I’m going to say it again…)

Docker solved a lot of the problems that Nix is meant to solve. There are ways to use Nix and Docker together, and a lot of the complaints I saw said: “He doesn’t understand Nix” or “He doesn’t understand Docker…”

I’d like to think I understand Docker.

If I don’t fully understand Nix… fair. But I did a lot of studying on it.

I think I understand Nix, too.

Docker isn’t just about running containers. It’s not just LXC. Docker solves three different problems. Running your container in a secure, multi-tenant fashion is definitely one of the problems Docker solves (docker run). It’s the most obvious. Packaging all of your dependencies into one unit of distribution is another big problem that it solves (docker build). The third is as just a package distribution system (Docker Hub).

  1. Docker Build
  2. Docker Run
  3. Docker Hub

Nix solves the final two.

Nix solves packaging your software and its dependencies better than Docker does!

Too many people don’t understand that if you run docker build twice, and you’re not careful about your layer caches, you’re not going to get the same result. I hate that about Docker.

Do you remember BOSH? BOSH got that right. Nix is a better version of that. But still, Docker solves it for the masses. The masses don’t care about that one little niggly part of docker build. The masses are just like:

“Whatever. It’s Docker. It’s everywhere.”

And Docker Hub solves the distribution problem.

I want to install nginx, I just docker run nginx. Done.

Nix also solves the distribution problem, but Docker has more momentum. So everybody has a Docker image. Not everybody has a Nix package.


Jerod’s Note: I removed a sub-conversation about Nix “flakes” vs “packages”, ugly Dockerfiles & how Tammer likes YAML (🤢). Catch it in the audio or the transcript.


My point is: Docker does three things, Nix does two.

Nix doesn’t solve the running in actual isolation. Nix solves the isolation of dependencies in a great way, but it doesn’t solve running in namespaces, in cgroups, and security, and all of that. Nix doesn’t solve that.

So if you combine Nix and Docker, which – there’s that Nixery, which is a great project! That Docker registry that can make Docker images on the fly based upon the Nix packages… That’s a cool application of Nix.

I still believe that Nix has a future in today’s technology space, but as an implementation detail. And I think there are some small teams that are basing everything on Nix, and they’re having a lot of success with that! But because of the learning curve I just don’t think it scales to any larger environment.

Nix is a fantastic system if you can adopt it in an isolated, hermetic environment.

But it’s not for the masses. Docker is for the masses.


Jerod Again: There you have it, Tammer’s answer to why he thinks NixOS has a deadly flaw. Did he acquit himself well? Or do you still think he’s wrong? Let us know in the comments!
