Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

This is true, but containers are so much better than nothing and relatively simple to use, so if someone isn't going to put in the effort for a more secure solution I'd rather they use Docker than nothing.


Are containers simpler to automate from a service provider's POV than, say KVM or qemu or Firecracker (or other VM tech)?


Yes, Docker largely became popular because of its user friendliness. Running a containerized compile job can be quickly done in a single command (e.g. docker run --rm -v "$(pwd):/src" -t ownyourbits/mmake).


We haven't lost the effort in securing bare metal systems. Those still work.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: