Container Policy

Running Containers is still (04-2020) in evaluation. Here are the current restrictions

• not productive
• no backup
• no high availability
• no persistent storage
• limited resources

Rules

Who creates a container image becomes fully responsible for it. This includes requirement to pro-actively update the images to latest security fixes. We reserve the right to delete images failing security audits without further enquiry.

Who requests a registry project is fully responsible for it. This includes alle contained containers, storage management and user access management.

Who deploys and runs containers becomes fully responsible for the process. This includes resource consumption, fixing, debugging.

We restricted pulling images from any registry beside our internal ContainerRegistry. Do not circumvent this.

Kubernetes Clusters are seperated into namespaces. Each namespace has a responsible person.