Alpine’s use of musl means only the truly insane would be leaping to its defense. The inability to support DNS over TCP was a problem for years. Outside of that, so many things presuppose glibc. It’s an endless source of weird.
It doesn’t make the news cause it’s a hobby os that was made important when we decided the size of the container mattered most.
Glibc is a nasty piece of software full of nonstandard GNUisms that basically implements a separate standard. I've fought for years against the fact they've got functions that are not found in any other libc and have different behaviours depending on macros, often conflicting with POSIX or BSD variants.
The fact the project was run for almost 20 years by a guy that managed it in a dictatorial style was a huge reason why so many alternative libc existed (that, and the licensing). Few people here remember about EGLIBC I guess.
Glibc is also such a mess that it still does not compile with Clang, after _decades_, due to all the crazy GCC extensions they rely on. An attempt is cyclically started and then promptly aborted when some new crazy nonsense is found. For instance, last time I checked they not only used the completely insane folly that GCC nested functions are, but they also relied on GCC attributes so nasty that LLVM never bothered implemented them (like renaming functions at code generation). Using these extensions are not really necessary, and I've a strong suspicious it was more of an attempt by the GNU authors to prevent distributions to ever consider not using GCC as their main compiler.
Also how name resolution is implemented in Glibc means you can't really statically link with it. If you've ever noticed, most "statically linked executables" are not in fact statically linked, but require ld.so just for libc. There are good reasons to disallow statically linking libc, but this is not one of them. Especially since the only stable API on Linux is the kernel interface, so the only way to not have to worry about future Glibc breakage is to either link with Musl or live with the risk.
My experience with musl has been that while it’ll most probably work, you’re severely at risk of a 30%+ perf degradation, and that means the juice is really not worth the squeeze.
glibc shouldn’t be statically compiled in because it’s lgpl and so immediately infects your code if you do.
The zig linker is quite nice here because it lets you pick what glibc you want to be compatible with.
Yes, but people have been complaining for -years-, because it was broken. And rather than listen to reason, the author ignored it because of his own misunderstanding of an RFC...
Memory is not cheap in the cloud nor is bandwidth, so optimizing for image/container size is quite cost effective.
Also every headache I've had with musl libc is because glibc is insane, not because there is a problem with musl. It should be trivial to swap out your standard library, as that is the entire point of dynamic loading. Yet you cannot actually swap out the dynamic library that nearly every program on your system will need, because it's not actually a library.
People often forget that bandwidth is time. A significant fraction of redeploy time for me is docker images, and that's using alpine base images. It would be (was) far worse with something else.
You don't need a package manager in your production container, you need one for the dependencies to build your artifact (in previous stages) which gets passed on, on it's own, statically compiled, to the empty container.
And I need a tool chain for inspecting a sick container trying to figure out why CPU jumped 25% for no apparent reason.
Also some programming languages, you can’t really populate the app’s dependencies without a bunch of its dependencies. And the only way to split the difference means you have to memorize every file that gets created during the build/install process to be sure you don’t miss anything airlifting them from one container to another.
All of which amounts to me becoming the package manager. Which gets much less fun the more containers you have running in prod.
I generally respect the curation that alpine does. Not too old, not too bleeding edge.
As a non-user, I think such variety is a good thing.
Not using the same thing everyone uses forces developers to care about standards rather than to assume compatibility just because it is how the favorite implementation works. Same reason why it is a good thing that a popular browser that is not Chromium-based exists.
Alpine and musl were originally crated for embedded devices, hence the small size. It is interesting how it has become so popular in docker. https://musl.libc.org/about.html
Before other OS offered slim and smaller variants and optimized for size, Alpine was the best bet. At some point the difference was huge and that meant huge savings and a increase in productivity.
There are other things to consider, specially data transfer and build times (apk is much faster than apt in my experience). If these and other benefits are worth the trouble of musl is up to each individual.
Yeah, and the devices with embedded linux firmware also are pennies apiece. Not every linux installation is a banking mainframe, and not every ARM soc even gets those NANDs.
There are FOSS projects that sound nice and desirable but are too impractical to use in the real world. I call them "libmagicponies".
On a related topic, I don't use Ubuntu, Debian, Alpine, Arch, Gentoo, Rocky, Alma, Fedora, or {Free,Open,Net}BSD. I use CentOS 9 stream for most things: it's basically RHEL's kernel and it powers 100M's-1 B machines.
Instead of saying "too impractical to use in the real world", which is obviously false, since many other people have been using at least a part of those in the real world for decades with excellent results, you should say that there are such projects that you have never felt the need to learn about, because you happened to find one that covered well your needs, so you never had any reason to explore alternatives, which is perfectly fine.
That's a really funny comment, but it seems unnecessarily perjorative when there's an entire Linux distro built on this specific example of your magic pony.
Your position might be sufficiently extreme that it warrants reconsidering.
This is patently false. Tons of Enterprise orgs use Alpine for security concerns, ease of administration, and size. I guess all those prod microservices existence is "insane".
It doesn’t make the news cause it’s a hobby os that was made important when we decided the size of the container mattered most.