this post was submitted on 30 Sep 2024
35 points (83.0% liked)

Python

6393 readers
26 users here now

Welcome to the Python community on the programming.dev Lemmy instance!

πŸ“… Events

PastNovember 2023

October 2023

July 2023

August 2023

September 2023

🐍 Python project:
πŸ’“ Python Community:
✨ Python Ecosystem:
🌌 Fediverse
Communities
Projects
Feeds

founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 3 points 1 month ago (1 children)
[–] [email protected] 12 points 1 month ago (3 children)

We do geodata science and rely on some pretty specific C++ libraries that are only distributed via conda. While on unix-based systems it's possible to get some of them from other channels or even building them from source, we mostly have Windows machines in production where we are not that flexible. Docker is unfortunately no solution due to security concerns.

If you are asking why I hate it: It's bloated, uses more space than needed and it's rare I can reproduce an environment from the environment file without running into errors. Using it feels unintuitive, I still google command after years. It was very slow until recently, when the libmamba solver was finally integrated. Last but not least licensing is a pain in the ass.

[–] [email protected] 3 points 1 month ago

Interesting. We use conda via micromamba for my own project, as it makes the install for end-users much easier when they can just run a shell script, to install python, cuda, and all the dependencies needed.

[–] [email protected] 3 points 1 month ago

I share the same frustration trying to replicate an environment. I'm glad I can avoid it these days, the community needs a way out of the conda lock-in.

[–] [email protected] 1 points 1 month ago (2 children)

I've been using micromamba/mamba and not had solving issues like I did with conda. Im glad conda integrated libmamba.

Question: why were docker containers deemed security risks?

[–] [email protected] 2 points 1 month ago (1 children)

If Windows, it requires a VM and currently infosec is not keen on virtualization in the hands of users.

[–] BatmanAoD 3 points 1 month ago (1 children)

I'm no expert, but isn't running in a VM strictly better than running on raw metal from a security perspective? It's generally more locked down, and breaking out of the virtualization layer requires a separate security breach from gaining access to the running container.

[–] [email protected] 2 points 1 month ago

I would think so as well. Possibly it's because a local VM is harder for them to monitor.

[–] [email protected] 1 points 1 month ago

Yes, mamba is a huge improvement. Regarding docker I can't really tell you as I'm not an infrastructure guy.