Re: [gentoo-hardened] docker updates

public inbox for gentoo-hardened@lists.gentoo.org
 help / color / mirror / Atom feed

From: Sven Vermeulen <sven.vermeulen@siphos.be>
To: gentoo-hardened@lists.gentoo.org
Subject: Re: [gentoo-hardened] docker updates
Date: Sat, 28 Feb 2015 08:36:02 +0100	[thread overview]
Message-ID: <CAPzO=NwaDBEJ20tS1jXpn9ie=nRKFBiEMx1sU=5S6dEJyJDMgQ@mail.gmail.com> (raw)
In-Reply-To: <CAHZ_Ajtk4wjFPW+ZfvHPRBd+H4N6sQkjwj3ZeD5FUTzGaCJZPw@mail.gmail.com>

On Sat, Feb 28, 2015 at 3:58 AM, eric gisse <jowr.pi@gmail.com> wrote:
> Let's turn this around.
>
> What is the business case for containerization when security is so
> loose and ill-defined right now?

The promise (and depending on your context and regulations, this might
be true already as well) is that you can offer faster deployment of
application(s).

For instance, without containers development teams might need to
deploy to a non-production environment that is "shared" for all teams,
requiring rigid change management processes to make sure projects
don't step on other projects' toes.

With containers, development teams deploy their containers on a
non-production docker cluster without impact to other development
teams.

Security requirements here are a bit less than in production (due to
the non-production environment). When changes are matured, then change
management can bring this to the (non-Docker) production environment.

There are also of course possibilities to use containers in
production, but then the security management needs to be taken into
account again (which is definitely doable, just requires some
"different" thinking).

Wkr,
  Sven Vermeulen

next prev parent reply	other threads:[~2015-02-28  7:36 UTC|newest]

Thread overview: 9+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2015-02-25 20:11 [gentoo-hardened] docker updates Alex Efros
2015-02-26  7:53 ` Sven Vermeulen
2015-02-26 10:35   ` F. Alonso
2015-02-27  1:20     ` Alex Efros
2015-02-28  2:58       ` eric gisse
2015-02-28  7:36         ` Sven Vermeulen [this message]
2015-02-27 16:38 ` [gentoo-hardened] " Alex Brandt
2015-02-27 18:04   ` Alex Efros
2015-02-28  3:19     ` Jason Zaman

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='CAPzO=NwaDBEJ20tS1jXpn9ie=nRKFBiEMx1sU=5S6dEJyJDMgQ@mail.gmail.com' \
    --to=sven.vermeulen@siphos.be \
    --cc=gentoo-hardened@lists.gentoo.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox