[ale] Containers... use?

James Taylor james.taylor at eastcobbgroup.com
Tue Sep 19 15:29:11 EDT 2017


Maybe this time with the URL.

https://www.suse.com/products/caas-platform/ <https://www.suse.com/products/caas-platform/>


> On Sep 19, 2017, at 3:17 PM, James Taylor <james.taylor at eastcobbgroup.com> wrote:
> 
> And I’ll add this, if anyone’s interested…
> -jt
> 
> James Taylor
> james.taylor at eastcobbgroup.com <mailto:james.taylor at eastcobbgroup.com>
> 678-697-9420
> 
>> On Sep 19, 2017, at 1:42 PM, Jim Kinney <jim.kinney at gmail.com <mailto:jim.kinney at gmail.com>> wrote:
>> 
>> SWEET! 
>> 
>> LDAP auth means my IPA process can be used to further brutalize, er, um, manage user access to specialty locations as required.
>> 
>> On Tue, 2017-09-19 at 13:24 -0400, Niel Bornstein wrote:
>>> I'll also put this right here:
>>> 
>>> http://port.us.org/ <http://port.us.org/>
>>> 
>>> On 09/19/2017 11:25 AM, Jerald Sheets wrote:
>>>> 
>>>> That’s what Jim and I were bantering about.  There’s “DockerHub” which
>>>> provides baked images, and there are several official ones from the
>>>> vendors there.  You can also have your own space (a lot like GitHub)
>>>> where you curate and manage your own images, and reference those
>>>> directly instead of the publicly managed ones by “God knows who”…
>>>> 
>>>> Check it out.
>>>> 
>>>> https://hub.docker.com/ <https://hub.docker.com/>
>>>> 
>>>> 
>>>> —jms
>>>> 
>>>> 
>>>>> 
>>>>> On Sep 19, 2017, at 9:57 AM, Jeff Hubbs <jhubbslist at att.net <mailto:jhubbslist at att.net>
>>>>> <mailto:jhubbslist at att.net <mailto:jhubbslist at att.net>>> wrote:
>>>>> 
>>>>> I was referring to the first one. I'm trying to get used to the notion
>>>>> of a package management system that runs underneath or beside the
>>>>> operating system's.
>>>>> 
>>>>> On 9/18/17 5:25 PM, lnxgnome wrote:
>>>>>> 
>>>>>> 
>>>>>> Jeff,
>>>>>> 
>>>>>>   Are you asking about Anaconda https://www.anaconda.com/ <https://www.anaconda.com/> or Anaconda
>>>>>> https://fedoraproject.org/wiki/Anaconda <https://fedoraproject.org/wiki/Anaconda> ?
>>>>>> 
>>>>>>   For the first, there is...
>>>>>> https://github.com/ContinuumIO/docker-images/tree/master/anaconda <https://github.com/ContinuumIO/docker-images/tree/master/anaconda>
>>>>>>   For the second, there is...
>>>>>> http://atodorov.org/blog/2015/10/28/building-docker-images-with-anaconda/ <http://atodorov.org/blog/2015/10/28/building-docker-images-with-anaconda/>
>>>>>> 
>>>>>> 
>>>>>> On 20170918 12:49 PM, Jeff Hubbs wrote:
>>>>>>> 
>>>>>>> Can someone help characterize for me how Anaconda fits into this
>>>>>>> whole container business?
>>>>>>> 
>>>>>>> On 9/18/17 11:52 AM, Jim Kinney wrote:
>>>>>>>> 
>>>>>>>> I'm very close to the point of isolating my docker junkies in every
>>>>>>>> possible way and letting their stuff get broken into. That will be
>>>>>>>> the only way to get the political leverage to be able tell a PhD
>>>>>>>> faculty "NO. It ALL runs through me and upstream university
>>>>>>>> security. No exception."
>>>>>>>> 
>>>>>>>> On September 18, 2017 9:34:37 AM EDT, Solomon Peachy
>>>>>>>> <pizza at shaftnet.org <mailto:pizza at shaftnet.org>> wrote:
>>>>>>>> 
>>>>>>>>     On Mon, Sep 18, 2017 at 09:18:46AM -0400, Jerald Sheets wrote:
>>>>>>>> 
>>>>>>>>         All containers should be curated by Systems. The Developers
>>>>>>>>         should submit them for security scanning, or you should
>>>>>>>>         employ a DevSecOps model for deployment. i.e., federate
>>>>>>>>         security scanning by providing OS, App, transport,
>>>>>>>>         penetration, and network security testing as APIs that devs
>>>>>>>>         can leverage instead of leaving them to security. Left to
>>>>>>>>         their own devices, unreasonable deploy timelines set for
>>>>>>>>         them, and golf-playing pointy-hairs with unreasonable ship
>>>>>>>>         date requirements, it’ll never happen. 
>>>>>>>> 
>>>>>>>> 
>>>>>>>>         This should all be automated and part of a security CI/CD
>>>>>>>>         pipeline without which a “pass” from the security field,
>>>>>>>>         cannot ever be deployed into production. This is how we do it. 
>>>>>>>> 
>>>>>>>> 
>>>>>>>>     The unspoken assumption here is that your needs are sufficient to make 
>>>>>>>>     this (completely necessary!) administrative overhead worthwhile.  
>>>>>>>> 
>>>>>>>>     Unfortunately, much like VMs before, most shops just "download an image" 
>>>>>>>>     from the likes of DockerHub and then deploy it, with no real thought
>>>>>>>>     towards ongoing maintainence or security concerns.  Because those cost
>>>>>>>>     time/effort -- and therefore and money.
>>>>>>>> 
>>>>>>>>      - Solomon </grumble>
>>>>>>>> 
>>>>>>>> 
>>>>>>>> -- 
>>>>>>>> Sent from my Android device with K-9 Mail. All tyopes are thumb
>>>>>>>> related and reflect authenticity.
>>>>>>>> 
>>>>>>>> 
>>>>>>>> _______________________________________________
>>>>>>>> Ale mailing list
>>>>>>>> Ale at ale.org <mailto:Ale at ale.org>
>>>>>>>> http://mail.ale.org/mailman/listinfo/ale <http://mail.ale.org/mailman/listinfo/ale>
>>>>>>>> See JOBS, ANNOUNCE and SCHOOLS lists at
>>>>>>>> http://mail.ale.org/mailman/listinfo <http://mail.ale.org/mailman/listinfo>
>>>>>>> 
>>>>>>> 
>>>>>>> 
>>>>>>> 
>>>>>>> 
>>>>>>> _______________________________________________
>>>>>>> Ale mailing list
>>>>>>> Ale at ale.org <mailto:Ale at ale.org>
>>>>>>> http://mail.ale.org/mailman/listinfo/ale <http://mail.ale.org/mailman/listinfo/ale>
>>>>>>> See JOBS, ANNOUNCE and SCHOOLS lists at
>>>>>>> http://mail.ale.org/mailman/listinfo <http://mail.ale.org/mailman/listinfo>
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> _______________________________________________
>>>>>> Ale mailing list
>>>>>> Ale at ale.org <mailto:Ale at ale.org>
>>>>>> http://mail.ale.org/mailman/listinfo/ale <http://mail.ale.org/mailman/listinfo/ale>
>>>>>> See JOBS, ANNOUNCE and SCHOOLS lists at
>>>>>> http://mail.ale.org/mailman/listinfo <http://mail.ale.org/mailman/listinfo>
>>>>> 
>>>>> 
>>>>> 
>>>>> _______________________________________________
>>>>> Ale mailing list
>>>>> Ale at ale.org <mailto:Ale at ale.org> <mailto:Ale at ale.org <mailto:Ale at ale.org>>
>>>>> http://mail.ale.org/mailman/listinfo/ale <http://mail.ale.org/mailman/listinfo/ale>
>>>>> See JOBS, ANNOUNCE and SCHOOLS lists at
>>>>> http://mail.ale.org/mailman/listinfo <http://mail.ale.org/mailman/listinfo>
>>>> 
>>>> 
>>>> 
>>>> 
>>>> _______________________________________________
>>>> Ale mailing list
>>>> Ale at ale.org <mailto:Ale at ale.org>
>>>> http://mail.ale.org/mailman/listinfo/ale <http://mail.ale.org/mailman/listinfo/ale>
>>>> See JOBS, ANNOUNCE and SCHOOLS lists at
>>>> http://mail.ale.org/mailman/listinfo <http://mail.ale.org/mailman/listinfo>
>>>> 
>>> 
>>> 
>>> _______________________________________________
>>> Ale mailing list
>>> Ale at ale.org <mailto:Ale at ale.org>
>>> http://mail.ale.org/mailman/listinfo/ale <http://mail.ale.org/mailman/listinfo/ale>
>>> See JOBS, ANNOUNCE and SCHOOLS lists at
>>> http://mail.ale.org/mailman/listinfo <http://mail.ale.org/mailman/listinfo>
>> _______________________________________________
>> Ale mailing list
>> Ale at ale.org <mailto:Ale at ale.org>
>> http://mail.ale.org/mailman/listinfo/ale <http://mail.ale.org/mailman/listinfo/ale>
>> See JOBS, ANNOUNCE and SCHOOLS lists at
>> http://mail.ale.org/mailman/listinfo
> 
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.ale.org/pipermail/ale/attachments/20170919/e61abc7b/attachment.html>


More information about the Ale mailing list