On Wednesday, February 25, 2015 22:11:55 Alex Efros wrote:
> What is the recommended way to update Docker containers with
> Gentoo?
|
docker pull ${NEW_IMAGE}
|
Somewhat sarcastic but actually true. I don't recommend running
production applications inside of Gentoo based containers.
|
I highly recommend making containers as small as possible. That
means using statically linked executables and removing all
traces of what we know as a distribution. Production containers
should not be based on Gentoo images.
|
I see the Gentoo docker images as bases for testing Gentoo
itself which includes making Gentoo an appropriate environment
for running the docker daemon.
|
I'm sure this *opinion* won't be popular but I feel it's the
right way to go with containerization.
|
This would still necessitate rebuilding your containers to get
security updates but you could do that in response to CVEs or
other problems in your application without worrying about being
on the bleeding edge.
|
If you haven't seen gentoo-bb you should check it out.
|
Regards,
|
--
Alex Brandt
Cloud Evangelist for Rackspace and Developer for Gentoo
http://blog.alunduil.com