[ale] Containers... use?
Jerald Sheets
questy at gmail.com
Tue Sep 19 11:25:54 EDT 2017
That’s what Jim and I were bantering about. There’s “DockerHub” which provides baked images, and there are several official ones from the vendors there. You can also have your own space (a lot like GitHub) where you curate and manage your own images, and reference those directly instead of the publicly managed ones by “God knows who”…
Check it out.
https://hub.docker.com/ <https://hub.docker.com/>
—jms
> On Sep 19, 2017, at 9:57 AM, Jeff Hubbs <jhubbslist at att.net> wrote:
>
> I was referring to the first one. I'm trying to get used to the notion of a package management system that runs underneath or beside the operating system's.
>
> On 9/18/17 5:25 PM, lnxgnome wrote:
>> Jeff,
>> Are you asking about Anaconda https://www.anaconda.com/ <https://www.anaconda.com/> or Anaconda https://fedoraproject.org/wiki/Anaconda <https://fedoraproject.org/wiki/Anaconda> ?
>> For the first, there is... https://github.com/ContinuumIO/docker-images/tree/master/anaconda <https://github.com/ContinuumIO/docker-images/tree/master/anaconda>
>> For the second, there is... http://atodorov.org/blog/2015/10/28/building-docker-images-with-anaconda/ <http://atodorov.org/blog/2015/10/28/building-docker-images-with-anaconda/>
>>
>>
>> On 20170918 12:49 PM, Jeff Hubbs wrote:
>>> Can someone help characterize for me how Anaconda fits into this whole container business?
>>>
>>> On 9/18/17 11:52 AM, Jim Kinney wrote:
>>>> I'm very close to the point of isolating my docker junkies in every possible way and letting their stuff get broken into. That will be the only way to get the political leverage to be able tell a PhD faculty "NO. It ALL runs through me and upstream university security. No exception."
>>>>
>>>> On September 18, 2017 9:34:37 AM EDT, Solomon Peachy <pizza at shaftnet.org> <mailto:pizza at shaftnet.org> wrote:
>>>> On Mon, Sep 18, 2017 at 09:18:46AM -0400, Jerald Sheets wrote:
>>>> All containers should be curated by Systems. The Developers should
>>>> submit them for security scanning, or you should employ a DevSecOps
>>>> model for deployment. i.e., federate security scanning by providing
>>>> OS, App, transport, penetration, and network security testing as APIs
>>>> that devs can leverage instead of leaving them to security. Left to
>>>> their own devices, unreasonable deploy timelines set for them, and
>>>> golf-playing pointy-hairs with unreasonable ship date requirements,
>>>> it’ll never happen.
>>>>
>>>> This should all be automated and part of a security CI/CD pipeline
>>>> without which a “pass” from the security field, cannot ever be
>>>> deployed into production. This is how we do it.
>>>>
>>>> The unspoken assumption here is that your needs are sufficient to make
>>>> this (completely necessary!) administrative overhead worthwhile.
>>>>
>>>> Unfortunately, much like VMs before, most shops just "download an image"
>>>> from the likes of DockerHub and then deploy it, with no real thought
>>>> towards ongoing maintainence or security concerns. Because those cost
>>>> time/effort -- and therefore and money.
>>>>
>>>> - Solomon </grumble>
>>>>
>>>> --
>>>> Sent from my Android device with K-9 Mail. All tyopes are thumb related and reflect authenticity.
>>>>
>>>> _______________________________________________
>>>> Ale mailing list
>>>> Ale at ale.org <mailto:Ale at ale.org>
>>>> http://mail.ale.org/mailman/listinfo/ale <http://mail.ale.org/mailman/listinfo/ale>
>>>> See JOBS, ANNOUNCE and SCHOOLS lists at
>>>> http://mail.ale.org/mailman/listinfo <http://mail.ale.org/mailman/listinfo>
>>>
>>>
>>>
>>> _______________________________________________
>>> Ale mailing list
>>> Ale at ale.org <mailto:Ale at ale.org>
>>> http://mail.ale.org/mailman/listinfo/ale <http://mail.ale.org/mailman/listinfo/ale>
>>> See JOBS, ANNOUNCE and SCHOOLS lists at
>>> http://mail.ale.org/mailman/listinfo <http://mail.ale.org/mailman/listinfo>
>>
>>
>>
>> _______________________________________________
>> Ale mailing list
>> Ale at ale.org <mailto:Ale at ale.org>
>> http://mail.ale.org/mailman/listinfo/ale <http://mail.ale.org/mailman/listinfo/ale>
>> See JOBS, ANNOUNCE and SCHOOLS lists at
>> http://mail.ale.org/mailman/listinfo <http://mail.ale.org/mailman/listinfo>
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.ale.org/pipermail/ale/attachments/20170919/15345a02/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 842 bytes
Desc: Message signed with OpenPGP
URL: <http://mail.ale.org/pipermail/ale/attachments/20170919/15345a02/attachment.sig>
More information about the Ale
mailing list