The use case is exactly the same as running code inside a Virtual Machine... to run untrusted (and untrustable) code, yet limit its side effects to a clearly defined extent.
It provides capability based security, something Windows, Linux, etc. all lack.
I just use it to update the drive firmware and as a convenient way to check the SMART data for the drive. It doesn't use hardly any resources in the background so I don't worry about it that much.
This seems like a neat accomplishment, but why would I use it? There is mountains of work for standard configurations including security hardening, monitoring, configuration management, etc.
What about this product makes it better than the other options?
I don't use it either, but, it's The Thing in some IT departments.
It does offer some amazing capabilities for making old legacy applications that were never designed to have any semblance of failover or redundancy or disaster recovery operate in impressively resilient ways. You also pay for the privilege.
Also it's not like there aren't legitimate uses for it. My workplace started taking advantage of it to help with remote management of all of our machines. It's useful to have another way in that doesn't rely on the OS being in a good state or even for the machine to be fully powered on.
Same here - I've found a ton of uses, for one I can now access my Home Assistant instance without actually exposing it to the internet. Same for the linux VMs I run via ESXi on the same Intel NUC. I can also access my QNAP NAS without exposing that to the internet which is huge given how many vulnerabilities have been found with it.
It actually allows me to turn my iPad Pro into a proper development machine as long as I have access to the internet since I can write code locally via Textastic, push to my git repo and test via the VM connected to Tailscale. Of course this was possible with a box on DigitalOcean but I prefer not to pay monthly for a machine just for noodling around.
They may not be mainstream but I use them as isolated VM-like application environments, where everything “just works” without having to learn/apply a whole lot of new tools or workflows.
I’m sure there must be others who see the benefit of this approach too?
I use it for dev to more closely mock prod, as well as ensure repeatable builds. It allows me to run all the services we use locally without a separate vm for each.
I don't think you're the target audience. The biggest benefit is simply convenience — lots of folks, myself included, just don't want to have to maintain/install a local instance.
They don't need to be, but many people find it convenient (e.g. to not have to keep a local environment on multiple computers, to trigger builds from other services, ...), thus the services offer it as an option.
Why:
1. After install sometimes I do not have access or prompt access to the machine;
2. It is safe and the need for updates are minimal.
It works..
reply