Comments (9)
Hi,
People who do that are doing it wrong (first off, you should always specify a tag name in your FROM directive, i.e. FROM debian:wheezy
. And apt-get dist-upgrade is unnecessary, as well as bad practice -- see rule 3). Our images are updated frequently (we had heartbleed-proof images the day following the announcement of the vulnerability). If you believe an image needs to be updated but isn't, feel free to contribute to the project via pull requests.
from official-images.
The Dockerfile Reference states:
FROM
FROM <image>
Or
FROM <image>:<tag>
...
If no tag is given to the FROM instruction, latest is assumed. If the used tag does not exist, an error will be returned.
Are you saying the documentation is wrong?
Rule 3 states "Updates will be baked into the based images you don't need to apt-get upgrade your containers." That's great in theory but it's not working in practice:
$ docker run -ti debian:stable
root@9fcd5e791b4d:/# apt-get update
...
root@9fcd5e791b4d:/# apt-get upgrade
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following packages will be upgraded:
base-files dpkg
2 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
FAIL! I need to upgrade my container.
Even if I don't apt-upgrade
it's impossible to install packages without apt-get update
to avoid errors like this:
$ docker run -ti debian:jessie
root@c87099dd2f68:/# apt-get --assume-yes install npm
...
Err http://http.debian.net/debian/ jessie/main libssl1.0.0 amd64 1.0.1g-1
404 Not Found [IP: 108.59.10.97 80]
Err http://http.debian.net/debian/ jessie/main libgmp10 amd64 2:5.1.3+dfsg-1
404 Not Found [IP: 108.59.10.97 80]
Err http://http.debian.net/debian/ jessie/main libsqlite3-0 amd64 3.8.4.1-1
404 Not Found
Rather than asking me to submitting a pull request for you to update the base image every day, why not automate the process?
from official-images.
@NodeGuy Updating the images needlessly every single day isn't the right way to do this. If you have to update some critical package which has been included in the base image, you can apt-get update
first and then reinstall that package to get the latest package.
Images are going to be updated periodically, when there's a security vulnerability and when a bug has been reported and fixed in a package.
Yes, apt-get update
as the first step during build will still be required to ensure the lists of packages are up to date. This step is part of the best practices. Updating images daily isn't required.
If you don't like the fact that these images don't include the latest packages and latest package lists, you can always build your own images using mkimage-debootstrap.sh from https://raw.githubusercontent.com/dotcloud/docker/master/contrib/mkimage-debootstrap.sh
from official-images.
@unclejack OK, thanks for the explanation.
from official-images.
I do not understand how updates to base images are pulled into my system.
Take for example these images on my installation:
$ docker images
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
[…]
ubuntu 14.04 5506de2b643b 11 weeks ago 199.3 MB
ubuntu latest 5506de2b643b 11 weeks ago 199.3 MB
The Ubuntu image is certainly outdated, since the official-images repository was updated "20 days ago" (according to github). Still the image on my system is far older. Why?
from official-images.
@devurandom Your local image doesn't get updated automatically - therefore, the Ubuntu image on your machine represents what was available when you last pulled it from the official repo.
If you would like to update your Ubuntu image to match what is currently in the repo, you need to run docker pull ubuntu
, and then rebuild any of your images that are FROM ubuntu
.
As far as the Ubuntu image in the official-images repository being outdated, we update the Ubuntu image as soon as upstream releases their core tarball. If you feel that is not frequent enough, take it up Canonical.
from official-images.
Thanks for this hint!
("outdated" was referring to the image on my system, not to the ones provided by you.)
from official-images.
docker pull -a ubuntu
will pull all tags associated with ubuntu (which might be more than you currently have), or just docker pull ubuntu:tag
for each version you need.
from official-images.
Oooh, good catch @yosifkit. Definitely something I should have mentioned! 👍
from official-images.
Related Issues (20)
- Error relocating /usr/lib/libcurl.so.4: SSL_get0_group_name: symbol not found
- Rust 1.77.2-slim arm64 Images Missing HOT 2
- Odoo release number in tag HOT 2
- An issue with nginx 1.25.5 manifest. HOT 4
- Using gpu on Orangepi Rk3588 Board HOT 1
- no you HOT 5
- Broken release: SonarQube 9.9.5 tags do not support the arm64 architecture. HOT 3
- Broken Release: MySQL 8.4.0 HOT 1
- Fix CVE-2023-24538 and CVE-2023-24540 HOT 2
- can not find mariadb:10.11.8 images in https://hub.docker.com/_/mariadb HOT 1
- "operation not permitted", a `libseccomp` story HOT 1
- [incident] Alpine 3.20 seccomp issues (arm32v6, arm32v7, i386, riscv64, ppc64le) HOT 13
- Review request for MariaDB UBI based image HOT 1
- influxb image: platform in image-index and image-config do not match HOT 5
- missing arm64v8 layers in MariaDB image HOT 3
- Official Chiselled Ubuntu images support? HOT 4
- Resolve critical and high vulnerabilities in node:lts-bookworm base image HOT 5
- Deprecation of image formats in older published images HOT 2
- Introduce `riscv64` tag for Ubuntu:24.04 HOT 2
- Rabbitmq update PR not created HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from official-images.