1 |
On Sat, Feb 28, 2015 at 3:58 AM, eric gisse <jowr.pi@×××××.com> wrote: |
2 |
> Let's turn this around. |
3 |
> |
4 |
> What is the business case for containerization when security is so |
5 |
> loose and ill-defined right now? |
6 |
|
7 |
The promise (and depending on your context and regulations, this might |
8 |
be true already as well) is that you can offer faster deployment of |
9 |
application(s). |
10 |
|
11 |
For instance, without containers development teams might need to |
12 |
deploy to a non-production environment that is "shared" for all teams, |
13 |
requiring rigid change management processes to make sure projects |
14 |
don't step on other projects' toes. |
15 |
|
16 |
With containers, development teams deploy their containers on a |
17 |
non-production docker cluster without impact to other development |
18 |
teams. |
19 |
|
20 |
Security requirements here are a bit less than in production (due to |
21 |
the non-production environment). When changes are matured, then change |
22 |
management can bring this to the (non-Docker) production environment. |
23 |
|
24 |
There are also of course possibilities to use containers in |
25 |
production, but then the security management needs to be taken into |
26 |
account again (which is definitely doable, just requires some |
27 |
"different" thinking). |
28 |
|
29 |
Wkr, |
30 |
Sven Vermeulen |