In looking at the Docker technology and it’s underlying reliance on LXC, as well as our own roadmap, we saw incredible alignment. Creating and managing gears is hard work. By utilizing Docker these bits will be easier. That work combined with the work Krishna Raman has been doing on OpenShift gears in Origin makes it easy to see how Docker fits in to this picture. This is one major benefit for OpenShift in that we now have an even more secure environment than before. By adding additional container features to our user’s processes we have additional redundancy built in should any of the security features fail. Break out of SELinux? Doesn’t matter, you’re still in a container. Break out of the container and get root? SELinux keeps you stuck in a high security computing environment–look for yourself! It’s not 100% secure and no environment is, but this is a multi-layered security solution and that’s a better computing environment for our users.
Technical Thoughts on OpenShift and Docker