13 Matching Annotations
  1. Nov 2022
    1. There are two situations where an init-like process would be helpful for the container.
    2. highly recommended that the resulting image be just one concern per container; predominantly this means just one process per container, so there is no need for a full init system

      container images: whether to use full init process: implied here: don't need to if only using for single process (which doesn't fork, etc.)

    3. Because the official images are intended to be learning tools for those new to Docker as well as the base images for advanced users to build their production releases, we review each proposed Dockerfile to ensure that it meets a minimum standard for quality and maintainability. While some of that standard is hard to define (due to subjectivity), as much as possible is defined here, while also adhering to the "Best Practices" where appropriate.
  2. Jan 2021
    1. Snaps each pick a ‘base’, for example, Ubuntu18 (corresponding to the set of minimal debs in Ubuntu 18.04 LTS). Nevertheless, the choice of base does not impact on your ability to use a snap on any of the supported Linux distributions or versions — it’s a choice of the publisher and should be invisible to you as a user or developer.

      Snaps sound a lot like container images in this respect.

  3. Jul 2020
  4. May 2020
    1. Image consumers can enable DCT to ensure that images they use were signed. If a consumer enables DCT, they can only pull, run, or build with trusted images. Enabling DCT is a bit like applying a “filter” to your registry. Consumers “see” only signed image tags and the less desirable, unsigned image tags are “invisible” to them.
    1. In the examples below, we are using Docker images tags to specify a specific version, such as docker:19.03.8. If tags like docker:stable are used, you have no control over what version is going to be used and this can lead to unpredictable behavior, especially when new versions are released.
    1. It is a multi-stage image which reproduces the following operations:Construction of the artefacts in a build imageAvailability of the compilation process in a minimal image