On Sun, Jan 12, 2014 at 04:39:12PM -0800, Adam Williamson wrote: > You're preaching to the choir. But if in practice people really don't > deploy things via the distribution packages, it doesn't matter how > awesomely secure the distribution packages are. Something that you're > not using is never providing you with any additional security. So for me, the question is: how can we make these things at least meet in the middle? Can we bring some of the distro benefits to the application deployment area? I think we can. Right now, I think Docker might be the most interesting approach for that (possibly future Docker with greater future OpenShift integration). This takes two things from Fedora (which are outside of the traditional distribution but can still easily fit under our umbrella). First: People can build Docker application containers with Fedora packages. But our packages (like all packages intended to be part of a whole system) are kind of badly suited for this -- they have dependencies on systemd, they expect a certain logging infrastructure, etc. We could have package variants meant for building app containers. (This'd be an interesting COPRs experiment.) Second: we could start building a library of pre-packaged application containers. Again, Docker makes an interesting and currently-hot technology to do this on (although it doesn't have to be Docker, of course). For example, an easy Fedora-based image with OwnCloud ready to go. -- Matthew Miller -- Fedora Project -- <mattdm@xxxxxxxxxxxxxxxxx> -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
