• @takeda
    link
    1
    edit-2
    1 year ago

    What about this? https://youtu.be/5XY3K8DH55M

    Also I created this repo to create a reproducible sec environment for myself. I added other languages, but personally work mostly with python. It is basically resonating for handling all the boiler plate:

    https://github.com/takeda/nix-cde

    For packaging in docker I started to use nix2container project as it gives me a greater control over layers. So for example when I package my phyton app I typically use 3 layers:

    • python and it’s dependencies
    • my application dependencies
    • my application, which is very tiny compared to other two, so there is great reuse of the layers

    The algorithm mentioned in the video also helps a lot with reuse, but the above is more optimized by frequency of how things typically change.

    BTW: today I discovered this https://github.com/astro/microvm.nix I haven’t play with it yet, but in theory it would let me generate a microvm image (in similar fashion to generate a docker container) which would let me to run my app natively as a tiny VM on EC2 for example, and use only minimum necessary of a typical OS to run it.