[ale] [EXTERNAL] Re: [ALE] So the winner is?
DJ-Pfulio
DJPfulio at jdpfu.com
Thu May 20 09:03:21 EDT 2021
Common sense isn't nearly as common as we all think.
I recall, vaguely, thinking all the "old guys" just were afraid of the great, new, tech too. Now I know better.
On 5/19/21 9:53 PM, Allen Beddingfield via Ale wrote:
> I remember being at an event several years back, where a group of 20-something web hipsters were doing a session on how they had replaced the legacy client/server setup at a corporation with some overly complicated in-house built thing mixing all sorts of web technologies and dbs in containers running at a cloud provider. They were very detailed about their decision to put it in containers, because all the infrastructure people at that company were so behind the times with all their security models, insisting on not running things as root, firewalls, blah, blah...
> Quite a few people left shaking their heads at that point. I was sitting next to a guy FROM a major cloud hosting provider, who almost choked on his coffee while laughing when one of them said that "It is just a matter of time before Dell and HP are out of the server business - no one needs their servers anymore! Everything will be running in the cloud, instead!"
>
> I still argue that the main motivating force behind containers is that developers want an easy way to circumvent basic security practices, sane version control practices, and change control processes. There are plenty of valid use cases for them, but sadly, that is the one actually driving things. We have a whole generation of developers who weren't taught to work within the confines of the system presented to them.
> No one ever prepared them for enterprise IT. Now we have heaven knows what software, running heaven knows what version, in some container that developers can put online and take offline at will. Who audited that random base Docker image they started with? Are patches applied to what is running in there? Is it secretly shipping off sensitive data somewhere? Who knows. Unless you defeat the whole purpose of a container, you don't have any agents on the thing to give you that data.
>
> Next, I'm going to go outside and yell at people to get off my lawn . . .
>
> Allen B.
> --
> Allen Beddingfield
> Systems Engineer
> Office of Information Technology
> The University of Alabama
> Office 205-348-2251
> allen at ua.edu
>
>
> ________________________________________
> From: Ale <ale-bounces at ale.org> on behalf of Solomon Peachy via Ale <ale at ale.org>
> Sent: Wednesday, May 19, 2021 7:57 PM
> To: Atlanta Linux Enthusiasts
> Cc: Solomon Peachy
> Subject: [EXTERNAL] Re: [ale] [ALE] So the winner is?
>
> On Wed, May 19, 2021 at 03:42:48PM -0400, Leam Hall via Ale wrote:
>> Instances are re-created programmatically. Much of the OS is becoming
>> bloat that does not support the application. Unless you're doing the
>> datacenter for Amazon, your statement doesn't quite fit.
>
> If your point is that it's easier to "consume" black-box images that
> someone else creates without having any idea what/how things inside
> work, then sure, I would agree.
>
> Meanwhile, someone still has to (1) put those images together, and (2) be able
> to debug it when (not if!) something breaks.
>
> But hey, the fewer people that know how to get their hands dirty, the
> more money I get to charge. Suffice it to say I'm actually looking
> forward to the Y2038 panic.
>
More information about the Ale
mailing list