
For multi-tenant deployments. Each tenant gets its own docker-compose in a directory on prod and voilà: 100% same code base (same Docker image) and good separation between tenants.


Multi-tenant deployments with Docker make sense _only_ if you trust all of the tenants, since it is trivial to take control of the host if you have write access to the Docker socket.

You may say that it can be mitigated with some wrapper scripts with limited commands, but then you have to maintain them and we can all agree that homebrew security is very hard to do correctly.
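A defender-side check for the layout discussed in this thread, added here as an example and not code from any commenter: it scans each tenant's compose file for a bind mount of the Docker socket, and goes one step beyond the comment by also flagging `privileged: true`. The directory layout (`<root>/<tenant>/docker-compose.yml`), the rule names and the sample files are assumptions constructed for illustration.

```python
import re
from pathlib import Path

# Compose settings that give a tenant's container control over the Docker host.
RISKY = [
    ("docker-socket-mount", re.compile(r"docker\.sock")),
    ("privileged", re.compile(r"^\s*privileged:\s*true\b", re.I)),
]

def audit_compose(text):
    """Return (line_number, rule_name) pairs for one compose file's text."""
    findings = []
    for number, line in enumerate(text.splitlines(), 1):
        code = re.sub(r"(^|\s)#.*$", "", line)  # drop YAML comments
        for name, pattern in RISKY:
            if pattern.search(code):
                findings.append((number, name))
    return findings

def audit_root(root):
    """Scan <root>/<tenant>/docker-compose.y(a)ml; report tenants with findings."""
    report = {}
    for path in sorted(Path(root).glob("*/docker-compose.y*ml")):
        findings = audit_compose(path.read_text())
        if findings:
            report[path.parent.name] = findings
    return report

# Constructed sample files (not from the thread).
TENANT_A = """services:
  app:
    image: example/app:1.0
    volumes:
      - ./data:/data
"""
TENANT_B = """services:
  app:
    image: example/app:1.0
    privileged: true
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock  # host Docker API
"""

if __name__ == "__main__":
    for tenant, text in (("tenant-a", TENANT_A), ("tenant-b", TENANT_B)):
        print(tenant, audit_compose(text) or "clean")
```

A clean result only covers the compose files; who can write to the socket on the host itself (for example through membership of the `docker` group) has to be checked separately.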


True. We trust all tenants. It's a way of separating tenants beyond database schemas or organization_id columns.


Yes, that's an example where Docker might make sense. But I don't think it's very common, or what OP was writing about.



