[derefr]

> Docker on the other hand is not just a third-party library in your project. Docker is a container

What's the difference, exactly? In either case, a failure in the code composing the third-party component can, at worst, cause an instance of your application to crash and corrupt state, preventing instances on that machine from coming back up.

But as long as you've got immutable deployments[1] set up, when all else fails, you can just destroy the server (hosting the containers) hosting your app instances, and deploy it afresh, which should be automated to the point that it only takes a few minutes.

[1] http://chadfowler.com/blog/2013/06/23/immutable-deployments/

[bjt]

When talking about whether something like Docker is production-ready, the "at worst" can be a lot worse than that, particularly where security is concerned. Months back they found that Docker's API wasn't sufficiently locked down, for example, and could be accessed by an untrusted process. So they changed that and locked it down.

I don't see anything unreasonable about waiting to use a package until the devs themselves say it's "production ready".