Hey Emmanuel, Emmanuel Seyman via Postfix-users <postfix-users@postfix.org> writes:
> * Nico Schottelius via Postfix-users [18/10/2024 10:55] : >> >> - Others might start using my postfix container due to the lack of an >> official postfix container [2] >> - To avoid that, my recommendation is that the postfix project provides a >> container itself > > This is the part I don't get. Why is others running your postfix > container something to be avoided? What is the difference between > the official postfix container and yours that we should encourage people > to use the former and not the latter? Thanks for clarification, I did not grasp that question fully before. Let me take you a few steps into the "container land": If you want to run application A, the first thing you do is search on one of the container registries. In the best case scenario you get one hit with a lot of favorites/stars/whatever and an indication that the image is official. That means as a user it is trustworthy and you can run your workload with it. Best case scenaro close. 2nd "best" case is you find a bunch of images, some of them higher rated, none of them associated with whomever is producing or maintaining the software. Now you might be inclined to go with the "best rated non official" image, which often is not that well maintained. Maybe missing a few versions, maybe being a few months behind, maybe none of them but you have no clue how "anonymousGreyBeard" is. You start to look into the source Dockerfile and maybe or maybe not you trust the image. Maybe the maintainer decide to change versioning scheme or change the internal container layout - there is simply less trust compared to someone who is committed to application A. Last scenario is that there are a bunch of equally unmaintained, somewhat unclear images related to application A. Maybe having a few, maybe having a lot of pulls, but still unclear. This is the case for postfix at the moment, see [0], [1]. Actually in the last two cases the only thing you can effectively do is build your own and maybe publish the same and join the untrustworthy image list. This is basically what happens if we add yet-another-unofficial image out there. Hope that explains the situation a bit better from a user perspective. [0] https://quay.io/search?q=postfix [1] https://hub.docker.com/search?q=postfix
-- Sustainable and modern Infrastructures by ungleich.ch
signature.asc
Description: PGP signature
_______________________________________________ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
