[ale] Behind on your "Container Skills"
Ed Cashin
ecashin at noserose.net
Mon Jan 8 12:16:08 EST 2018
Hmm. Containers are really just a mechanism to make advancements in
process isolation easier to use.
You must be thinking of using containers instead of VMs or separate
physical machines. It's easy to beat up on containers if you compare them
to VMs or hardware isolation.
Usually I think of it as a choice between running a process in the global
namespace or running the process with more isolation via cgroups,
filesystem namespaces, etc. Running containers is really just running
processes, like running a process in chroot but less broken.
On Mon, Jan 8, 2018 at 12:05 PM, Jim Kinney via Ale <ale at ale.org> wrote:
> Devs LOVE containers. SysAdmins hate them. They are difficult to manage
> for updates (toss and rebuild) and most devs pull latest-greatest libs even
> though they are all right from git repo and not checked for problems. None
> of the security checks that exist for vm control work for containers and
> they leak like screen door on a submarine.
>
> Good for development. Should be barred from production use.
>
> On January 8, 2018 11:34:07 AM EST, DJ-Pfulio via Ale <ale at ale.org> wrote:
>>
>> From the article, seems most enterprises still use VMs and real hardware
>> for their production loads. Containers are mostly used for development
>> needs, not production.
>>
>> https://www.theregister.co.uk/2018/01/08/container_shock_not_everybody_is_doing_it/
>>
>> ------------------------------
>>
>> Ale mailing list
>> Ale at ale.org
>> http://mail.ale.org/mailman/listinfo/ale
>> See JOBS, ANNOUNCE and SCHOOLS lists at
>> http://mail.ale.org/mailman/listinfo
>>
>>
> --
> Sent from my Android device with K-9 Mail. All tyopes are thumb related
> and reflect authenticity.
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo
>
>
--
Ed Cashin <ecashin at noserose.net>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.ale.org/pipermail/ale/attachments/20180108/c9fe2b07/attachment.html>
More information about the Ale
mailing list