A container orchestrator manages the lifecycles of containers, especially in large, dynamic environments. Which of the following is the most crucial enabler for an orchestrator to manage containerized applications? (Wentz QOTD)
A. Change management
B. Continuous integration
C. Continuous testing
D. Configuration management

Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.

My suggested answer is D. Configuration management.

Wentz’s book, The Effective CISSP: Security and Risk Management, helps CISSP and CISM aspirants build a solid conceptual security model. It is a tutorial for information security and a supplement to the official study guides for the CISSP and CISM exams and an informative reference for security professionals.

When deploying container-based applications, we can use a container orchestrator to provision and manage containers. It implies change requests are approved and implemented, integration and testing have been completed, and authorization to operate (ATO) has been granted. To effectively deploy container-based applications with an orchestrator relies on good configuration management.

When you use a container orchestration tool, like Kubernetes or Docker Swarm (more on these shortly), you typically describe the configuration of your application in a YAML or JSON file, depending on the orchestration tool.

These configurations files (for example, docker-compose.yml) are where you tell the orchestration tool where to gather container images (for example, from Docker Hub), how to establish networking between containers, how to mount storage volumes, and where to store logs for that container.

Typically, teams will branch and version control these configuration files so they can deploy the same applications across different development and testing environments before deploying them to production clusters.

Source: Isaac Eldridge

Infrastructure as Code (IaC)

Immutable infrastructure is programmable, which allows for automation. Infrastructure as Code (IaC) is one of the key attributes of modern infrastructure, in which an application can programmatically provision, configure and utilize the infrastructure to run itself.

Source: thenewstack

Reference

• What Is Container Orchestration?
• What is container orchestration? (VMWare)
• What is container orchestration? (IBM)

---

容器編排器(orchestrator)管理容器的生命週期，尤其是在大型動態環境中。 以下哪一項是編排器管理容器化應用程序最重要的推動因素？ (Wentz QOTD)
A. 變更管理
B. 持續集成
C. 持續測試
D. 配置管理