I'm not one to write negative reviews of open source tech. Typically, everyone has skin in the game for one reason or the other, and diversity in tech is positively great.
But Mesosphere DC/OS is purely advertising and marketing driven.
Their "Docker support" simply means they use normal Mesos worker processes to shell out to the Docker CLI across a cluster. They tightly wrap Hashicorp Vault and label it their own solution. Marathon has terrible support for security and application deployments geared toward enterprise teams. Hell, deployments can write over each other's network volumes and setting IAM roles can be sniffed straight out of unencrypted HTTPS headers. Don't get me started with Minuteman, Mesos DNS, meshing IPTables rules, and the hundreds of hacks around missing IP-per-container/network virtualization that even Solaris has had for the past 20 years (Crossbow anyone?).
The only thing people want right now is AWS in private/hybrid cloud. All the big movers are getting off AWS. If not, they're either too small to matter or are positioning their "cloud partnership" as a buy-out to Ma'Amazon.
Holy moly, that is a helpful link. I had been doing it the old-fashioned way that used the server key. It's so great that browsers added support for logging session keys.
Maybe in the future, but right now there is no clear way to manage a collection of random on premise Windows VM's, which is what many enterprises have, with the full Azure toolset.
Then you have the clients no one else wants (maybe that's why you have that username?). You can keep them.
Smart people go after customers willing to pay more.
Actually, I have some old cheap clients I fired some time ago... Should I send them your way? They need someone to yell at and then laugh at when the cost of their needs are quoted.
I'm sure this will make tons of money and will be amazingly useful as a hip tool for those developers we all know. But honestly the rest of us build this kind of stuff into our company dashboards without thinking twice. Where it belongs, in the hands of an internal team who can share the monitoring of more than $20 worth of "snitches".
You fail to take into account the small team, whose only objective - or at least that which consumes 99.9% of the brain share - is getting a product out the door and keeping the user-facing part of it running.
If supporting, contributing and deploying to open source software makes me cheap than so be it. I'm ecstatic at the chance to share that technology with my clients and to help them give it back where applicable.
I hope your endeavors continue to make you happy with your means as they do mine.
Instead of focusing on the pull request maybe we should think about better vulnerability trajectories. Next time don't make a pull request. Just fork the project, add some dumb feature someone will want or need, then leave your fork out there on Github. Morons will pull it down and use it without ever checking the code.
But Mesosphere DC/OS is purely advertising and marketing driven.
Their "Docker support" simply means they use normal Mesos worker processes to shell out to the Docker CLI across a cluster. They tightly wrap Hashicorp Vault and label it their own solution. Marathon has terrible support for security and application deployments geared toward enterprise teams. Hell, deployments can write over each other's network volumes and setting IAM roles can be sniffed straight out of unencrypted HTTPS headers. Don't get me started with Minuteman, Mesos DNS, meshing IPTables rules, and the hundreds of hacks around missing IP-per-container/network virtualization that even Solaris has had for the past 20 years (Crossbow anyone?).
The only thing people want right now is AWS in private/hybrid cloud. All the big movers are getting off AWS. If not, they're either too small to matter or are positioning their "cloud partnership" as a buy-out to Ma'Amazon.