Some time ago C&CZ experimented with remotely managing docker containers. This turned out to be a success and a failure. A success because it filled a niche, and a failure because we had not thought through all the security implications.
We are currently looking at launching a new system for managing containers called Uncloud. The security boundary for this will be a virtual machine. I.e. we supply you with a virtual machine with Uncloud running and you and your colleagues can control it using the Uncloud tooling.
Uncloud offers a remote and distinct interface to docker. But it looks very much like docker compose or the (semi-deprecated) docker swarm. And there is good documentation.
It also supports clustering, in that mode we give you multiple virtual machines and you decide what runs on what machine (or on all). Currently all ingress is proxied by Caddy and it only supports HTTP, but other protocols is being worked on.
As with our previous – test – setup you can also interact with Uncloud via GitLab environments, meaning things like deploy-on-green can be made to work automatically.
One avenue we are thinking this would be useful is to fully host an entire web-stack, including the database, so that you as user control the entire environment. And for backups of persistent data we provide you with an S3 backup and a ready-made container that backups to it, also taking us out of the loop.
We know there is a “market” for this kind of tooling and we are likely to use it to host internal C&CZ deployments as well, but it would be nice to know if there is demand within the faculty.
If you want to learn more and/or be included in the early trials contact us or mail directly.