A Freelance DevOps doing container stuff and automating unhealthy amounts of software.
Need something automated or containerized? Feel free to hit me up :)
I am willing to debate this.
Latest is absolutely crucial in build-processes.
To give you an example:
rhel-minimal -> nginx -> some-webapp
The minimal image gets patched regularly, so should the nginx, and afterwards so should the webapp image.
All of these can and should contain latest in the FROM Tag, if there is no "backwards-compatibility" bloat you are carrying around.
Always use latest in CI. Why update tags, if you can force-pull latest and have a guaranteed latest patch-set?
Where you should avoid latest at all cost, is when deploying. Never deploy a latest tag.
But in the FROM-Instruction, if you don't use latest, you better have a damn good explanation for it.
Hi Raphael
I'm glad someone like you that knows about containers reply to my post.
I believe that I wasn't so clear what I wanted to say. I just wanted to say that to developers that start use Docker recently and don't know what they are doing. They usually don't know about all docker features and don't build their containers. They just use docker because they don't want to install some dependencies natively.
If you are working with Dockerfile to build your application, probably you will not have a problem like that. You already using docker right and you know what are you doing. I use the latest tag too in cases like your example. It has a lot of benefits like keeping your application most security.
I'm sorry if I wasn't so clear. I was anxious to write my first post here and to share a problem that I had.
A Freelance DevOps doing container stuff and automating unhealthy amounts of software.
Need something automated or containerized? Feel free to hit me up :)
Don't let me discourage you, your points are absolutely fair and reasonable.
The only gripe I had was with the line:
It is only a generic term that isn't useful in the practice.
Because it is, once you get to the point of implementing a CI :D
For beginners, regarding the context of "pull an image and run it", you are perfectly right.
Deploying/Running a latest tag is absolutely terrible and bad.
I hope I didn't scare you away, we absolutely need more Container stuff here and you are definitely going in the right direction :)
Keep up the good work!
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
I am willing to debate this.
Latest is absolutely crucial in build-processes.
To give you an example:
rhel-minimal -> nginx -> some-webapp
The minimal image gets patched regularly, so should the nginx, and afterwards so should the webapp image.
All of these can and should contain latest in the FROM Tag, if there is no "backwards-compatibility" bloat you are carrying around.
Always use latest in CI. Why update tags, if you can force-pull latest and have a guaranteed latest patch-set?
Where you should avoid latest at all cost, is when deploying. Never deploy a latest tag.
But in the FROM-Instruction, if you don't use latest, you better have a damn good explanation for it.
Hi Raphael
I'm glad someone like you that knows about containers reply to my post.
I believe that I wasn't so clear what I wanted to say. I just wanted to say that to developers that start use Docker recently and don't know what they are doing. They usually don't know about all docker features and don't build their containers. They just use docker because they don't want to install some dependencies natively.
If you are working with Dockerfile to build your application, probably you will not have a problem like that. You already using docker right and you know what are you doing. I use the latest tag too in cases like your example. It has a lot of benefits like keeping your application most security.
I'm sorry if I wasn't so clear. I was anxious to write my first post here and to share a problem that I had.
Thank you!!!
Don't let me discourage you, your points are absolutely fair and reasonable.
The only gripe I had was with the line:
Because it is, once you get to the point of implementing a CI :D
For beginners, regarding the context of "pull an image and run it", you are perfectly right.
Deploying/Running a latest tag is absolutely terrible and bad.
I hope I didn't scare you away, we absolutely need more Container stuff here and you are definitely going in the right direction :)
Keep up the good work!