There really is something to be said about…
- Immutable operating systems. I really liked CoreOS until Red Hat bought them and I realized RKT was not getting love and that Docker seemed more elementary than production ready, but the idea of an immutable OS is a great idea.
- Cattle vs Pets. This was also an elementary idea but I’ve discovered that chicken is better than cattle. Cattle are too expensive to build and care for. Most projects are small which is why I use SQLite instead of Postgres.
- Containers vs chroot/jail. Unfortunately, chroot/jail are not universal, but neither are containers; however, containers basically implement chroot/jail. While Docker was the first magnet, all that is changing again.
- Virtual Machines vs Containers. Well, containers were meant for microservices, but that is simply not the way things are going. It’s become an OS delivery mechanism with many more attack vectors.
- Linux (et al.) vs OpenBSD. OpenBSD has its quirks but [a] it has a predictable release cadence and the overall architecture and philosophy make sense for secure production, where Linux could be patched every day, creating a very different security need.
Sidebar…
- What’s the point of taking complex database or system backups if you have no idea how to restore them?