Re: Official cloud image requirements
> 1. Security, not from cloud providers themselves, but from other cloud
> customers via sidechannel attacks such as meltdown. The risk is small,
> but IMO greater than the risk of the cloud provider itself doing
> anything nefarious. (Keep in mind that all major cloud providers have
> taken sophisticated steps to mitigate this class of risks at the
> hypervisor level, above & beyond what's already in Xen, KVM, etc,
> possibly implemented in custom hardware.)
>
> 2. Neutrality. Debian could build images on a single cloud service, but
> that might be seen by some as an endorsement of that service. By
> building the images "in-house", we avoid such perception. We could
> mitigate this concern by building images for a given provider on that
> provider's service, but that just adds complexity and is not worth the
> effort.
Also, 3. Infrastructure management. The Debian sysadmin team doesn't
operate any resources in a public cloud, so we'd be on our own if we
chose to run there. We'd lose out on any kind of hardening, monitoring,
and other management benefit from running on DSA-maintained
infrastructure if we did that. We could surely make it work, but
without a compelling reason to do so, we should stick with DSA-managed
resources.
noah
Reply to: