Reply to post: Re: I remember when....

Netflix could pwn 2020s IT security – they need only reach out and take

Tom 38 Silver badge

Re: I remember when....

We can trivially spin up cattle with Ansible/Puppet without the need for Docker, so for Docker to make it into the implementation you need to be able to justify it.

It's far better than our older architecture of kvm VMs and CFEngine. Everything that went in CFEngine, even if it was about the structure of the application and code, had to be approved by a sysadmin before the software teams could apply it.

It's easier to manage and distribute workloads with a well structured k8s/docker/terraform/vagrant/ci setup. For developers, they get more control over how the software is structured - and if it breaks, it's on them not the sysadmin, and can be rolled back trivially. k8s manages the haproxy routing of requests to containers automagically, so there is no manual configuration file changes when we add an extra host, it JFDI. It makes it much simpler to do red-green deployments, or gradual rollout of new features, things that were harder or impossible with the old system.

If you are just using docker for the hell of it, no, its not a good solution. There's lots to learn and implement, and if you cba to put the effort in to do that, you're not going to get good results. It's not enough to say "Use Docker", there are at least 10+ other parts of the infrastructure to setup and use.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021