Hacker Newsnew | past | comments | ask | show | jobs | submit | helloiamaperson's commentslogin

take a look at my post from earlier: https://news.ycombinator.com/item?id=13031870 . I'd be interested to hear your (and others') thoughts.


Since you're doing research in this area, have you taken a look at something like https://www.dyadicsec.com/ at all? I looked at the whitepaper a while ago, and it seemed to make sense, though I was way out of my depth.


No, I have not actually. I will definitely check the whitepaper out. Thanks!


Check out concourse.ci [example pipeline at https://ci.concourse.ci/]. It fully supports building docker images - https://github.com/concourse/docker-image-resource


I'd love to hear more about your solution. Are you saying that you've created an algorithm distinct from paxos/raft/zab that's more robust?


Being able to rebuild critical infrastructure from source, and know that you'll be able to reliably deploy it, is a _huge_ win for security.

In that case, you might be interested in bosh: http://bosh.io/docs/problems.html (the tool that enables the workflow jacques_chester was describing). It embraces the idea of reliably building from source for the exact reasons you've mentioned.


You should take a look at https://bosh.io/ . It does what you want wrt devs being responsible for defining how the software runs, environment reproducibility, etc. Unfortunately, the learning curve is pretty steep.


As Titanous said, BOSH operates at a lower level than Flynn. You could use BOSH to deploy Flynn, hypothetically. A more direct comparison would be Cloud Foundry.


BOSH would be ideal for managing a Flynn cluster.

At Pivotal we're seeing multi-thousand VM instances of Cloud Foundry that BOSH deploys and updates gracefully.


There's a foundation that's a separate entity that owns the IP: https://www.cloudfoundry.org/membership/members/


> I'm pretty sure it's quite valuable, though I'm also unclear what people would be willing to pay.

Your solution probably works great for your needs, but this stuff is expensive to productize. See https://www.openshift.org/


Who I note basically decided to start from scratch because this docker thing happened. Cloud Foundry has had to do a lot of re-thinking too.

But my impression of openshift is that it's really a work in progress and that they haven't actually gotten it adequately productized yet.

Docker has gotten enough developer buy-in into containerization that I think it's fundamentally changed what it means to do infrastructure, be it PaaS or IaaS or whatever.


Probably an oversimplification on my part but it seems like OpenShift is nice enterprise friendly features sprinkled on top of Kubernetes. Which is no small thing, they've contributed quite a few patches to Kubernetes that are critical for a lot of enterprises. And a read/write GUI shouldn't be a hard requirement these days but a lot of big companies have this ingrained habit of treating IT like a commodity and subsequently hire people that are so uncomfortable with the CLI they're openly hostile to the idea of even touching it.

Then there's command and control. OpenShift seems to be more friendly to keeping things under someone's thumb. In an ideal world people would use Kubernetes the way Google uses Borg and devs would be trusted the way they are at Google. But between corporate fiefdoms and the aforementioned hiring practices many companies are still very far from that ideal.


> One PaaS with developers in mind is https://nodechef.com It would be interesting to see how they do.

Is this your product? All of your comments are about it.


Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: