| 1 |
On Sat, Feb 28, 2015 at 3:58 AM, eric gisse <jowr.pi@×××××.com> wrote: |
| 2 |
> Let's turn this around. |
| 3 |
> |
| 4 |
> What is the business case for containerization when security is so |
| 5 |
> loose and ill-defined right now? |
| 6 |
|
| 7 |
The promise (and depending on your context and regulations, this might |
| 8 |
be true already as well) is that you can offer faster deployment of |
| 9 |
application(s). |
| 10 |
|
| 11 |
For instance, without containers development teams might need to |
| 12 |
deploy to a non-production environment that is "shared" for all teams, |
| 13 |
requiring rigid change management processes to make sure projects |
| 14 |
don't step on other projects' toes. |
| 15 |
|
| 16 |
With containers, development teams deploy their containers on a |
| 17 |
non-production docker cluster without impact to other development |
| 18 |
teams. |
| 19 |
|
| 20 |
Security requirements here are a bit less than in production (due to |
| 21 |
the non-production environment). When changes are matured, then change |
| 22 |
management can bring this to the (non-Docker) production environment. |
| 23 |
|
| 24 |
There are also of course possibilities to use containers in |
| 25 |
production, but then the security management needs to be taken into |
| 26 |
account again (which is definitely doable, just requires some |
| 27 |
"different" thinking). |
| 28 |
|
| 29 |
Wkr, |
| 30 |
Sven Vermeulen |
Archives