[ale] Containers... use?

Lightner, Jeffrey JLightner at dsservices.com
Mon Sep 18 09:15:56 EDT 2017


We use CoreOS/Docker for containers and have implemented some Production processes in such environments.

As someone else noted the location of containers that can be downloaded is not ideal from a security standpoint.   DevOps to allow developers to spin up things quickly sounds like a good idea until you realize a developer’s mission is implementation with little concern for sustainability.

RedHat Atomic moved to Docker more than a year ago and they vet the containers you download from them so if you were going to use it in Production I’d suggest looking at that rather than the CoreOS/Docker route specifically for security.

While it is true most containers don’t come with all the tools an admin might want, you CAN install other packages within them.   Also you can install “toolbox” in the base OS that will let you run many tools.   On CoreOS that installs as Fedora and you can install any tools within the toolbox as well.

An important point about containers is that they are not full VMs.   However, like VMs you can have dissimilar containers run on the same underlying server so that you might have CoreOS as the underlying OS yet have Ubuntu, CentOS, Fedora, Suse containers.

From: ale-bounces at ale.org [mailto:ale-bounces at ale.org] On Behalf Of Jerald Sheets
Sent: Monday, September 18, 2017 9:10 AM
To: Atlanta Linux Enthusiasts
Subject: Re: [ale] Containers... use?

Docker containers with Kubernetes or Mesos orchestration is the “now” in web microservices all the way up to enterprise applications.  Further “densifying” existing hardware and enabling the autoscaling of current infra is the most common use.

I’ve got about 80k systems utilizing containers (lxc and Docker) and am migrating wholesale to Docker.  We’re also using the container model to easily ship app images between public cloud providers and on-prem cloud as well as to deliver Development fully functional deploy images for testing in each of the supported environments.

Just think “virtualized apps instead of machines” and you’ve got it.

As for security, there are tools for that.
As for orchestration, there are tools for that.
As for logging and visibility, there are tools for that.

And in each case there are both productized and open source solutions available.

I hear the same skepticism we all had to VMs in 1997-2000 with containers, and it’s everything the same all over again, IMO.

It’s the way you massively scale today in huge enterprises (I have over 160k nodes in our environments)

I’d strongly encourage any Sysadmin to know containers (lxc or Docker), as it will be very important moving forward in the industry.


—Jerald
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.ale.org/pipermail/ale/attachments/20170918/6fe3b788/attachment.html>


More information about the Ale mailing list