Rich Freeman on 24 Aug 2016 11:07:17 -0700


Re: [PLUG] Docker Best-practices guide / intro?

On Wed, Aug 24, 2016 at 12:28 PM, Andrew Libby wrote:
> We never patch live containers.  We rebuild images and re-create the
> container.  As long as you adhere to one step build and have a good way
> to destroy/re-create your containers this is pretty straightforward.
> I've done things like having a script for each container or used systemd
> units.

I'd really prefer not to go this route.

Typically I shut down a container, snapshot it, start it up, run
updates, shut it down, snapshot again, start back up, and test, then
either leave in production or roll back.

The problems with building from scratch each time are:
1.  In order to figure out how to build one I need to first take lots
of notes while I get one working.  Then I'd need to fuss with the
scripting system to automate it.  Or I could just call it done as soon
as I've gotten it working in the first place and I don't even need to
take notes.  I never deploy more than one instance of a container
typically.  If I did I'd probably give that more thought.
2.  Most often my containers will run Gentoo, and building that from
scratch every time I want to do updates is going to be time-consuming,
and failure-prone.

This has been one of the things keeping me off of Docker.  I might
just stick with nspawn, but I can also see the value in moving to
Docker if it makes sense and I don't end up fighting it.

My containers do only run one application.  They're rarely completely
stateless though.

Philadelphia Linux Users Group