> it allows developer teams to control the OS without dealing with sysadmins
Isn't this the way it should be, to some extent?
Developers make the "what" and "how" decisions for the application, sysadmins make them for the environment. Containers provide a clean separation of responsibilities. Decision-making and implementation are aligned with the feedback and results.
Except that developers usually either don't care about the underlying issues of managing the OS, or don't have the skillset. They are focused on developing the product/features, not on ensuring that images have security patches, or even if the environment is secure is any way (file permissions, network ports, etc...). Those issues are large enough that they require dedicated resources (evidenced by the existence of professions in Operations), and moving them to a container generally just allows developers to ignore them -- not to take over the responsibility.
Isn't this the way it should be, to some extent?
Developers make the "what" and "how" decisions for the application, sysadmins make them for the environment. Containers provide a clean separation of responsibilities. Decision-making and implementation are aligned with the feedback and results.