On Tue, 30 Oct 2018 at 07:28, Ben Cooksley <bcooks...@kde.org> wrote:
> Sorry, Docker might be a wonderful way to test applications, but it's
> totally unsuitable for production workloads.

That's a bold claim. At Zalando we have 10,000s of microservices in
production and each one of them is running inside a Docker container.
this has been our deployment vector for years

We are far from alone in this.

> First, the contents of that Docker image can be confirmed how exactly?

You build the image yourself, sign it and upload to your own private registry.

> Second, it's impossible for Sysadmin to delegate management of a
> Docker container to anyone.

There are third party tools to support this and Docker itself supports
delegation of signing and deployment.
Each team at Zalando has full autonomy to start/stop/update/deploy and
reassign their running services (and therefore the container).

This is handled by an open source tech we have released called STUPS:
https://stups.io/

Sadly, this is AWS-centric, but I am sure there are other solutions
that solve the same problem. Openstack?

> This means if anything goes wrong with it a Sysadmin would have to be
> the one to take a look

Genuine comment:
Unless you are doing devops, when *anything* goes wrong I would expect
the sysadmin to be the first to react.
If you /are/ doing devops, then of course it is the deploying team who reacts.

-- 
Paul J. Adams
  PhD MIEEE MBCS CITP

GPG: 07DD 0812 Paul James Adams

Reply via email to