More

roboben · 2026-06-17T18:50:51 1781722251

docker is not a security boundary but a resource boundary.

cute_boi · 2026-06-17T19:03:04 1781722984

It is security boundary but a weak one. Escaping from docker is very hard.

rvz · 2026-06-17T22:58:50 1781737130

> Escaping from docker is very hard.

You mean a microVM.

A docker LPE (local privilege escalation) requires a kernel exploit such as Copyfail would work under docker but not in a microVM.

roboben · 2026-06-17T18:37:52 1781721472

yes only c8i, m8i and r8i instance types support it. It is called nested virtualization[1]

[1] https://aws.amazon.com/about-aws/whats-new/2026/02/amazon-ec...

thundergolfer · 2026-06-17T18:42:40 1781721760

Unfortunately supply is quite limited. If you want to horizontally scale on these instances you need to have a good relationship with AWS so they'll give you a big allocation before c9i is a thing.

flaminHotSpeedo · 2026-06-18T03:08:25 1781752105

I haven't personally tried, so I can't say for certain, but Lambda has publicly stated they run on bare metal EC2 instances, presumably the supply of whatever instance types they use should be fairly healthy

thundergolfer · 2026-06-18T05:34:00 1781760840

You're talking about AWS Lambda?

- Their use of bare metal isn't necessarily the latest gen hardware - AWS Lambda is part of AWS, and obviously has privileged access to supply

Natalia724 · 2026-06-18T05:53:23 1781762003

The interesting part to me is less the exact hardware generation and more the control plane around placement, isolation, and startup latency. That is hard to copy outside AWS.

roboben · 2026-06-17T18:49:36 1781722176

also i found them much less stable than metal instances running into weird kvm failures

Reformedot · 2026-06-17T18:54:12 1781722452

Yes, it is. It was a challenge to make it work smooth without metal. The scaling out speed was one of the main reasons

roboben · 2026-01-30T09:00:29 1769763629

yep looks heavily inspired by OF. Anyone knows whats up with that project? I was involved years ago, it seems to still be going but I think many people moved on?

roboben · 2025-12-14T20:47:37 1765745257

Hosted dashboard for your personal weather station.

https://weatherstage.com/

I had some custom build scripts and sites for my dad and myself and was thinking I could make a simple SaaS out of it. Super early and didn’t advertise anywhere yet since the actual dashboard is very simple right now but it works and I keep adding the features I want to use myself.

Example dashboard: https://warnitz.weatherstage.com/

If you want to try it out, I suggest you write me at hello at domain and I will get you going. Let me know the type of weather station you have!

roboben · 2025-12-11T05:51:12 1765432272

They should have renamed it first to HashiCorp, an IBM Company CDK, then shut it down

roboben · on April 9, 2025

Tried it, had some issue, opened a bug report, no response. I think it is dead.

roboben · on March 6, 2025

Le chat doesn’t seem to know about this change despite the blog post stating it. Can anyone explain how to use it in Le Chat?

kapitalx · on March 6, 2025

Looks to be API only for now. Documentation here: https://docs.mistral.ai/capabilities/document/

troyvit · on March 6, 2025

I asked LeChat this question:

If I upload a small PDF to you are you able to convert it to markdown?

LeChat said yes and away we went.

roboben · on Feb 28, 2025

…and removed from front page…

roboben · on Feb 15, 2025

Why did this post got removed from the front page?

roboben · on Feb 6, 2025

Docker hub reported an incident[1] at the same time. Are they running on R2?

[1] https://www.dockerstatus.com/pages/incident/533c6539221ae15e...

miyuru · on Feb 6, 2025

looks like they do for free users.

https://docs.docker.com/desktop/setup/allow-list/