Offhand, the major benefits for your use case seem to be:
- Speed and Flexibility: Extremely quick turn around time from development to production; Docker images usually start in under 10s and multiple images can be run concurrently. If a user needs to update their running service(s), they can even have multiple versions running at the same time behind something like HAProxy (which itself could be in another Docker container), allowing real-time migration.
- If your users build their images and test them on their own machines, they can then deploy the same images to your production machines with the knowledge that (barring unusual circumstances) they will have the same exact image and dependencies running there. This means no need to write a recipe, less worries about security, and more freedom for your users to use whatever libs they deem necessary (assuming such freedom is allowed).
- If running images directly is not doable for security reasons, your users could use Dockerfiles [1] which still allow you the benefits of Docker but with the ability to review all commands used to create the image. They can even be built in real-time off of GitHub pushes [2] (disclosure: I'm a co-founder at Quay.io)
- Speed and Flexibility: Extremely quick turn around time from development to production; Docker images usually start in under 10s and multiple images can be run concurrently. If a user needs to update their running service(s), they can even have multiple versions running at the same time behind something like HAProxy (which itself could be in another Docker container), allowing real-time migration.
- If your users build their images and test them on their own machines, they can then deploy the same images to your production machines with the knowledge that (barring unusual circumstances) they will have the same exact image and dependencies running there. This means no need to write a recipe, less worries about security, and more freedom for your users to use whatever libs they deem necessary (assuming such freedom is allowed).
- If running images directly is not doable for security reasons, your users could use Dockerfiles [1] which still allow you the benefits of Docker but with the ability to review all commands used to create the image. They can even be built in real-time off of GitHub pushes [2] (disclosure: I'm a co-founder at Quay.io)
[1] http://docs.docker.io/en/latest/reference/builder/ [2] http://blog.devtable.com/2014/03/link-your-quayio-repositori...