Scott Williams 🐧Nov 7, 2023
I have an interesting problem at work. We aren't using one of our #opensource projects any more, but metrics seem to indicate that others are. But since we don't track end users in any way whatsoever, we have no way of reaching out to whoever they are to see how disruptive it would be for us to pull the plug or even if it's used within our own org! It's not much overhead to keep going at this point, but it's not zero.
Show threadScott Williams 🐧Nov 7, 2023

One interesting point here is that #DockerHub doesn't give you pull analytics with regular paid tiers (there are two special programs that get it). You can query current amount of pulls with an API call, but if you haven't been doing that all along because you didn't know you needed that, then you don't get that info, so I can see it has a high number of pulls and the last time it was pulled, but I don't know how many unique IPs or regularity.

#Docker #opensource #Mirantis

Show threadScott Williams 🐧
But since the project is a container image, most people don't visit a website or repo after they've implemented the container, so there's a pretty solid chance that posting a statement of "Hey, we're going to retire this thing - use this thing instead" isn't going to be seen and current end-users will end up sticking with a stale, unmaintained version that isn't good for them and doesn't reflect well on us, either. It also doesn't seem great to up and delete it and break stuff for others.
Nov 7, 2023 at 5:21pmWeb
Show threadScott Williams 🐧Nov 7, 2023

This all makes it so much easier to understand why #DockerHub is littered with massive numbers of stale, insecure images and other than maybe making analytics available to everyone, I don't see any obvious way for how #Docker could make this better without being massively disruptive. It also doesn't seem sustainable for them to carry such an incredible amount of ever-growing technical debt that so much of the internet depends on.

#Mirantis

Show threadSheogorathNov 7, 2023

@vwbusguy the answer is easy: Make it paid. Container images older than X cost Y.

This will cause outcry, I know, but in opensource land we live a bit in the VC phase in the recent years. Generous free tiers, many dependencies are built and at some point someone will cache in.

Docker, GitHub, … we can't have more run around than we can afford or it'll hurt us.

Show threadM. Hamzah KhanNov 7, 2023
@sheogorath @vwbusguy brb going to find my pitchfork
Show threadScott Williams 🐧Nov 7, 2023

@sheogorath This answer is about as easy as saying it's easy to get out of debt by driving your car off a cliff so your life insurance company can sort it out. It technically solves the problem on paper, but it's also massively reckless and destructive to the point that any sane person from a distance would find it outright repulsive, shocking, and idiotic.

I'm afraid there are no easy answers. This isn't a new problem for Docker, either: How to effectively and responsibly monetize it.

Show threadSheogorathNov 7, 2023

@vwbusguy Well, either they solve this problem or it's solved for them by running the whole thing to the ground. The problem is obviously: growing costs for unused stuff.

And offering everything for free isn't the most successful business model. We even already see them starting with retentions, so technically they actually implemented this with a massive backlash.

https://www.docker.com/blog/scaling-dockers-business-to-serve-millions-more-developers-storage/

But it's time for more projects to take on their own cost, before the bubble bursts.

Scaling Docker’s Business to Serve Millions More Developers: Storage | Docker

Learn from Docker experts to simplify and advance your app development and management with Docker. Stay up to date on Docker events and new version

Docker
Show threadScott Williams 🐧Nov 7, 2023

@sheogorath For what it's worth, my OP is about a paid account and feeling like I don't have sufficient tools to prune legacy stuff with our paid account.

Also, did you see the update to that post?

https://www.docker.com/blog/docker-hub-image-retention-policy-delayed-and-subscription-updates/

Docker Hub Image Retention Policy Delayed, Subscription Updates | Docker

Learn from Docker experts to simplify and advance your app development and management with Docker. Stay up to date on Docker events and new version

Docker
Show threadSheogorathNov 7, 2023
@vwbusguy I did see the update, but it seems like I missed that they actually decided to not follow through at all (which explains quite a lot of lack of chaos) and instead only go for the rate-limiting.
Show threadScott Williams 🐧Nov 7, 2023
@sheogorath Coinceidentally, I hit those pull rate limits a week ago 🙃