On Wednesday, February 25, 2015 22:11:55 Alex Efros wrote:
> What is the recommended way to update Docker containers with Gentoo?

docker pull ${NEW_IMAGE}

Somewhat sarcastic but actually true. I don't recommend running
production applications inside of Gentoo-based containers.

I highly recommend making containers as small as possible. That
means using statically linked executables and removing all
traces of what we know as a distribution. Production containers
should not be based on Gentoo images.

I see the Gentoo docker images as bases for testing Gentoo
itself, which includes making Gentoo an appropriate environment
for running the docker daemon.

I'm sure this *opinion* won't be popular, but I feel it's the
right way to go with containerization.

This would still necessitate rebuilding your containers to get
security updates, but you could do that in response to CVEs or
other problems in your application without worrying about being
on the bleeding edge.

If you haven't seen gentoo-bb, you should check it out.

Regards,
--
Alex Brandt
Cloud Evangelist for Rackspace and Developer for Gentoo
http://blog.alunduil.com
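
One way to check an image against the advice in the message above (static executables, no traces of a distribution), as an added example that is not part of the original post or of any project it mentions. The function names, the marker list and the use of the ELF PT_INTERP header as the test for dynamic linking are assumptions of this sketch, and the sample tarballs are constructed.

```python
import io, struct, tarfile

# Assumed, non-exhaustive paths that betray a distribution userland in an image.
DISTRO_MARKERS = ("etc/os-release", "var/db/pkg", "var/lib/dpkg", "var/lib/rpm", "bin/sh")
PT_INTERP = 3  # ELF program header type that names a dynamic loader

def is_dynamic_elf(data):
    """True if data is an ELF image that requests a dynamic loader."""
    if len(data) < 0x34 or data[:4] != b"\x7fELF":
        return False
    end = "<" if data[5] == 1 else ">"
    # (e_phoff offset, its format, e_phentsize offset) for ELF64 vs ELF32
    phoff_at, phoff_fmt, ent_at = (0x20, "Q", 0x36) if data[4] == 2 else (0x1C, "I", 0x2A)
    try:
        phoff, = struct.unpack_from(end + phoff_fmt, data, phoff_at)
        phentsize, phnum = struct.unpack_from(end + "HH", data, ent_at)
        return any(struct.unpack_from(end + "I", data, phoff + i * phentsize)[0]
                   == PT_INTERP for i in range(phnum))
    except struct.error:  # truncated or malformed header
        return False

def audit_rootfs(tar_bytes):
    """Sorted findings for a root filesystem tarball, e.g. from `docker export`."""
    found = set()
    with tarfile.open(fileobj=io.BytesIO(tar_bytes)) as tar:
        for m in tar:
            name = m.name[2:] if m.name.startswith("./") else m.name.lstrip("/")
            found.update(("distro-trace", p) for p in DISTRO_MARKERS
                         if name == p or name.startswith(p + "/"))
            if m.isfile() and is_dynamic_elf(tar.extractfile(m).read()):
                found.add(("dynamic-elf", name))
    return sorted(found)

# Everything below is constructed sample input, not taken from a real image.
def _elf64(p_type):
    hdr = struct.pack("<16sHHIQQQIHHHHHH", b"\x7fELF\x02\x01\x01",
                      2, 62, 1, 0, 64, 0, 0, 64, 56, 1, 0, 0, 0)
    return hdr + struct.pack("<I", p_type) + bytes(52)

def _tar(files):
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        for name, data in files.items():
            info = tarfile.TarInfo(name)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
    return buf.getvalue()

MINIMAL = _tar({"app": _elf64(1)})  # one static binary, nothing else
DISTRO = _tar({"etc/os-release": b"constructed\n", "bin/sh": _elf64(3),
               "var/db/pkg/app-misc/example-1/PF": b"", "usr/bin/app": _elf64(3)})
```

An empty result from `audit_rootfs` means the tarball holds no listed distribution marker and no executable that needs a dynamic loader; it says nothing about whether the static binary itself is up to date.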