[ale] Containers... use?
Niel Bornstein
nbornstein at gmail.com
Tue Sep 19 13:24:07 EDT 2017
I'll also put this right here:
http://port.us.org/
On 09/19/2017 11:25 AM, Jerald Sheets wrote:
> That’s what Jim and I were bantering about. There’s “DockerHub” which
> provides baked images, and there are several official ones from the
> vendors there. You can also have your own space (a lot like GitHub)
> where you curate and manage your own images, and reference those
> directly instead of the publicly managed ones by “God knows who”…
>
> Check it out.
>
> https://hub.docker.com/
>
>
> —jms
>
>
>> On Sep 19, 2017, at 9:57 AM, Jeff Hubbs <jhubbslist at att.net
>> <mailto:jhubbslist at att.net>> wrote:
>>
>> I was referring to the first one. I'm trying to get used to the notion
>> of a package management system that runs underneath or beside the
>> operating system's.
>>
>> On 9/18/17 5:25 PM, lnxgnome wrote:
>>>
>>> Jeff,
>>>
>>> Are you asking about Anaconda https://www.anaconda.com/ or Anaconda
>>> https://fedoraproject.org/wiki/Anaconda ?
>>>
>>> For the first, there is...
>>> https://github.com/ContinuumIO/docker-images/tree/master/anaconda
>>> For the second, there is...
>>> http://atodorov.org/blog/2015/10/28/building-docker-images-with-anaconda/
>>>
>>>
>>> On 20170918 12:49 PM, Jeff Hubbs wrote:
>>>> Can someone help characterize for me how Anaconda fits into this
>>>> whole container business?
>>>>
>>>> On 9/18/17 11:52 AM, Jim Kinney wrote:
>>>>> I'm very close to the point of isolating my docker junkies in every
>>>>> possible way and letting their stuff get broken into. That will be
>>>>> the only way to get the political leverage to be able tell a PhD
>>>>> faculty "NO. It ALL runs through me and upstream university
>>>>> security. No exception."
>>>>>
>>>>> On September 18, 2017 9:34:37 AM EDT, Solomon Peachy
>>>>> <pizza at shaftnet.org> wrote:
>>>>>
>>>>> On Mon, Sep 18, 2017 at 09:18:46AM -0400, Jerald Sheets wrote:
>>>>>
>>>>> All containers should be curated by Systems. The Developers
>>>>> should submit them for security scanning, or you should
>>>>> employ a DevSecOps model for deployment. i.e., federate
>>>>> security scanning by providing OS, App, transport,
>>>>> penetration, and network security testing as APIs that devs
>>>>> can leverage instead of leaving them to security. Left to
>>>>> their own devices, unreasonable deploy timelines set for
>>>>> them, and golf-playing pointy-hairs with unreasonable ship
>>>>> date requirements, it’ll never happen.
>>>>>
>>>>>
>>>>> This should all be automated and part of a security CI/CD
>>>>> pipeline without which a “pass” from the security field,
>>>>> cannot ever be deployed into production. This is how we do it.
>>>>>
>>>>>
>>>>> The unspoken assumption here is that your needs are sufficient to make
>>>>> this (completely necessary!) administrative overhead worthwhile.
>>>>>
>>>>> Unfortunately, much like VMs before, most shops just "download an image"
>>>>> from the likes of DockerHub and then deploy it, with no real thought
>>>>> towards ongoing maintainence or security concerns. Because those cost
>>>>> time/effort -- and therefore and money.
>>>>>
>>>>> - Solomon </grumble>
>>>>>
>>>>>
>>>>> --
>>>>> Sent from my Android device with K-9 Mail. All tyopes are thumb
>>>>> related and reflect authenticity.
>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> Ale mailing list
>>>>> Ale at ale.org
>>>>> http://mail.ale.org/mailman/listinfo/ale
>>>>> See JOBS, ANNOUNCE and SCHOOLS lists at
>>>>> http://mail.ale.org/mailman/listinfo
>>>>
>>>>
>>>>
>>>>
>>>> _______________________________________________
>>>> Ale mailing list
>>>> Ale at ale.org
>>>> http://mail.ale.org/mailman/listinfo/ale
>>>> See JOBS, ANNOUNCE and SCHOOLS lists at
>>>> http://mail.ale.org/mailman/listinfo
>>>
>>>
>>>
>>> _______________________________________________
>>> Ale mailing list
>>> Ale at ale.org
>>> http://mail.ale.org/mailman/listinfo/ale
>>> See JOBS, ANNOUNCE and SCHOOLS lists at
>>> http://mail.ale.org/mailman/listinfo
>>
>>
>> _______________________________________________
>> Ale mailing list
>> Ale at ale.org <mailto:Ale at ale.org>
>> http://mail.ale.org/mailman/listinfo/ale
>> See JOBS, ANNOUNCE and SCHOOLS lists at
>> http://mail.ale.org/mailman/listinfo
>
>
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: OpenPGP digital signature
URL: <http://mail.ale.org/pipermail/ale/attachments/20170919/9040c0c8/attachment.sig>
More information about the Ale
mailing list