Can you link to the announcement?

Slightly worried in the short term, but happy for the long term, as it will have developers looking in other places for solutions, like Nix, Guix, unikernels or other image providers

@U052XLL3A it was an email from docker, but here is a hacker news thread about it : https://news.ycombinator.com/item?id=35154025

obvs there are other container providers, but given container storage is layered, it seems difficult to predict effects if docker start deleting images

here's the email text

Docker is sunsetting Free Team organizations

Free Team organizations are a legacy subscription tier that no longer exists. This tier included many of the same features, rates, and functionality as a paid Docker Team subscription.

After reviewing the list of accounts that are members of legacy Free Team organizations, we’ve identified yours as potentially being one of them.

If you own a legacy Free Team organization, access to paid features — including private repositories — will be suspended on April 14, 2023 (11:59 pm UTC). Upgrade your subscription before April 14, 2023 to continue accessing your organization.

If you don’t upgrade to a paid subscription, Docker will retain your organization data for 30 days, after which it will be subject to deletion. During that time, you will maintain access to any images in your public repositories, though rate limitations will apply. At any point during the 30-day period, you can restore access to your organization account if you upgrade to a paid subscription. Visit our FAQ for more information.

https://twitter.com/justincormack/status/1635704358355468307 seems to indicate they'll honor free access/hosting for any open source project that is on file (and won't delete any images for projects that apply now).

(although some of the "feedback" in that GH thread is less than encouraging)

lots of OSS projects seem never to have gotten any response to their applications... and their definition of open source is apparently very restrictive

Yeah... so it seems from that issue's comments... maybe they're planning to be more responsive and more lenient going forward, given what their CTO said on Twitter? (he said, hopefully)

the sensible option at this point seems to be to remove all docker hub dependencies from our k8s cluster... the challenge will be in figuring out exactly where docker dependencies are - straightforward for our own images, but the k8s operators... k8s operators are great, but they are opaque!

actually, maybe the sensible option is to wait a few days and see if docker row back from their "delete everything" position, and then move to removing all docker hub deps if they don't, while there is still a few weeks to go

It would really help if Docker provided a list of which namespaces are potentially affected so at least users had a chance to see how disruptive this could be (and perhaps help some of their favorite OSS projects with funding to switch to paid plans)...

yep, some information like that would go a long way to making it possible to understand what the impact might be... right now, because of layered storage, the only way i can view it is that docker hub is being effectively sunset in a month

The four Docker images we rely on are all tagged as "DOCKER OFFICIAL IMAGE" which I would assume means are safe...?

Rather than people moving to Nix, I expect more organisations will just be selfhosting registries.

Looking at their UI, there seem to be three "safe" categories: Docker Official Image, Verified Publisher (commercial entity), and Sponsored OSS (already part of the Docker open source program). Searching for random other stuff I have started to find images that aren't in those three categories and are, I suspect, up for deletion...

hmm... and looking at the http://hub.docker.com UI for one of our images, it's showing all the parent layers as if they were our own layers... which gives me some vague hope that they aren't going to delete parent layers of images in paid accounts (despite them not having said such)

oh, actually it's not all the parent layers ... it seems to be all the parent layers down to some linux base...

thanks for this link @U04V70XH6, I applied for clj-kondo and babashka orgs on docker hub now. I was already discussing in #CLX41ASCS to not support those docker images any longer, but perhaps this is a way out

well this removes many of the worries : https://twitter.com/mccraigmccraig/status/1635924539866480640?t=a0ypjAvSrWL0AlFe01yE2A&s=09

now i just need to figure out if there are any services in our k8s cluster which directly use images which may be deleted

some companies also use something like a proxy which caches all images you depend on

similar to what's done with mvn deps

since i couldn't figure out a better way, i ssh'd in to all the nodes in our k8s cluster and collated the outputs of docker images... then went through each image looking for it on docker hub. there are quite a few images which are gotten through opaque dependencies (either EKS/k8s itself, or a k8s operator), so some of them were new to me some of our critical dependencies are at risk of deletion, so i'm going to have to find new sources for those images here's my workings : https://docs.google.com/spreadsheets/d/16Zdv8gCbvce6tby8PVYgQE6jBOhTB0nek-9XTk_mBgU/edit?usp=sharing

@U0524B4UW How many of those at risk are free personal (ok) vs free team (not safe)? (or did I misread the Docker announcement/threads and free personal accounts?)

btw, at babashka we're moving to ghrc anyway now. after reading this: https://blog.alexellis.io/docker-is-deleting-open-source-images/ I think it's better to move away. we'll keep pushing things to dockerhub as well, as long as it keeps working

@U04V70XH6 i suspect 1 of the 6 is free-personal ( https://hub.docker.com/r/bobrik/curator ) .. that belongs to a "Community User" account, whereas the rest belong to a "Community Organization" account

Ah, so the difference can be seen. I wasn't sure.