So I load up my services that I need to run on multiple Linux servers into a package, and then distelli will deploy, run and manage those packages.
You're selling a service though - I'm guessing your service will connect into the Linux servers directly (root access?) and manage everything directly. Obviously, that gives your service full access to both the package contents and to the servers themselves. That feels a bit risky - am I correct here?
The service does not connect to the linux server directly. The server runs an agent that connects to the service. You do not run the agent as root. You can give the agent sudoers access but only if you want to do deployments where sudo is required. Most apps do not require sudo so you don't have to give the agent sudo access.
You also do not give distelli access to your code or package . Your code is uploaded to your S3 bucket directly from your laptop or dev machine and the service merely gets a bucket name and s3 key which it passes to the agent.
You're selling a service though - I'm guessing your service will connect into the Linux servers directly (root access?) and manage everything directly. Obviously, that gives your service full access to both the package contents and to the servers themselves. That feels a bit risky - am I correct here?