|
|
|
|
|
|
by djhworld
3250 days ago
|
|
|
What's nice about this is the directness of it. As far as I understand, with services like AWS ECS you need to provision the infrastructure first and pay for its uptime, whereas this allows more ephemeral containers to be run with minimal setup, and you only pay for the compute time used Would only be useful for short lived jobs, but a really nice idea none the less. |
|
|
The container security model will almost certainly improve in the future, but for now I'm only ok with other people in my same company sharing the kernel, not incentivised attackers.
[edit]
I'm going to unfud my comment. Some further reading makes me think maybe they spin up something like kvm containers and use a minimal distribution such that they can get to "seconds". If it were me, I'd have pre-running instances of the base image that were ready for a customer to attach and own.