Container Policy

Running Containers is still (04-2020) in evaluation. Here are the current restrictions

  • not productive
  • no backup
  • no high availability
  • no persistent storage
  • limited resources

Rules

Who creates a container image becomes fully responsible for it. This includes requirement to pro-actively update the images to latest security fixes. We reserve the right to delete images failing security audits without further enquiry.

Who requests a registry project is fully responsible for it. This includes alle contained containers, storage management and user access management.

Who deploys and runs containers becomes fully responsible for the process. This includes resource consumption, fixing, debugging.

We restricted pulling images from any registry beside our internal ContainerRegistry. Do not circumvent this.

Kubernetes Clusters are seperated into namespaces. Each namespace has a responsible person.
Topic revision: r5 - 30 May 2022, ChristophHandel
This site is powered by FoswikiCopyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding Foswiki? Send feedback