Unattended docker container updates
To keep your container infrastructure up to date and therefore secure, there are two primary objectives that you need to achieve: Keep the host‘s operating system up to date Keep the content of your containers up to date Update the operating system Updating your operating system is quite straight forward. Just use the well known package managers to do the job for you. E.g. for Debian this would be as easy as running apt-get update && apt-get upgrade on a regular basis. Continue reading
Docker Image Review: jwilder/nginx-proxy
Ever wondered wether there is a good alternative for scenarios, where a full featured ingress proxy would be overkill? Here it comes:
jwilder/nginx-proxy. The image can especially be useful when setting up an ingress concept for the first time. Nginx is well known in the world of classic server administration and web hosting. So why not use your familiar web server also in your containerised environment?
Docker containers are insecure
Everybody knows how to keep a linux box updated. It is also common sense that running things in docker containers is more secure by definition. After all they isolate services from each other. So if you are running containers on a fully patched host, there should be no security holes at all. Not even close! Keeping containers up to date is a total different thing. That brings up the questions how to keep your containers up to date, and how to decide wether containerising is really worth it in your scenario.
Continue reading