|
|
|
|
|
|
by cheap
3200 days ago
|
|
|
I'm not one to write negative reviews of open source tech. Typically, everyone has skin in the game for one reason or the other, and diversity in tech is positively great. But Mesosphere DC/OS is purely advertising and marketing driven. Their "Docker support" simply means they use normal Mesos worker processes to shell out to the Docker CLI across a cluster. They tightly wrap Hashicorp Vault and label it their own solution. Marathon has terrible support for security and application deployments geared toward enterprise teams. Hell, deployments can write over each other's network volumes and setting IAM roles can be sniffed straight out of unencrypted HTTPS headers. Don't get me started with Minuteman, Mesos DNS, meshing IPTables rules, and the hundreds of hacks around missing IP-per-container/network virtualization that even Solaris has had for the past 20 years (Crossbow anyone?). The only thing people want right now is AWS in private/hybrid cloud. All the big movers are getting off AWS. If not, they're either too small to matter or are positioning their "cloud partnership" as a buy-out to Ma'Amazon. |
|
|
> Their "Docker support" simply means they use normal Mesos worker processes to shell out to the Docker CLI across a cluster.
This hasn't been true for quite some time now: http://mesos.apache.org/documentation/latest/container-image...
> hundreds of hacks around missing IP-per-container/network virtualization
DC/OS does have network virtualization and IP-per-container: https://dcos.io/docs/1.9/networking/virtual-networks/ip-per-...
Also, what's an unencrypted HTTPS header?