I used to be a Docker fanboy. But after writing a few semi-complex Dockerfiles, and seeing more of how complex and FUBAR things like networking is [1], I changed my tune.
This was years ago, so maybe they greatly simplified things. But somehow I doubt it =/
[1] " Docker, by default, punches massive holes through your firewall in non-obvious ways. People don't realize that with a default Docker configuration, containers are ignoring any normal firewall rules you may have setup with iptables or ufw." - https://news.ycombinator.com/item?id=25834444
This was years ago, so maybe they greatly simplified things. But somehow I doubt it =/
[1] " Docker, by default, punches massive holes through your firewall in non-obvious ways. People don't realize that with a default Docker configuration, containers are ignoring any normal firewall rules you may have setup with iptables or ufw." - https://news.ycombinator.com/item?id=25834444