Docker has grown up. Have you?
Back in 2015, Docker was shiny and new. You probably ran your first container with something like:
docker run -i...
Some comments have been hidden by the post's author - find out more
For further actions, you may consider blocking this person and/or reporting abuse
Using docker from 4 years ago and I don't know about docker compose watch , lol
came here to say the same thing. looking forward to trying this soon.
tbf thats still a relatively new feature i think!
insane how many folks still do the old stuff - switching up even a couple habits makes a way bigger difference than youd think
I use docker compose in dev & production all the time. Works seamlessly.
Most of these are clear to me, but what's the harm of the version field ? Obviously remove when you notice it, but hardly the most urgent to fix ? Or does it cause some issues I'm not aware of ?
not urgent, just overhead :D
It may seem contradictory but it is not: one of the main ways to stay in the market is to maintain the legacy.
not sure what value is there in maintaining outdated beliefs about what docker can or cant do :D
This article is really eye-opening to me. Thank you for sharing, Jonas.
I loved reading it. I will try to implement these shortly.
Nice!
Thank you I needed this 😅
Youre not alone 😆
best adv ever!
cool! thanks for sharing 😍
Great article, thanks for sharing.
I have a FREE e-book related to Docker Interview Questions.
You can access it from here
Type your email to receive upcoming editions for free when it is released.
Happy reading!
default root user is ok, because the core of Docker is full control in a sandbox by design.
that assumes that your sandbox is always going to be 100% secure, which by definition is pretty much impossible and happend before (CVE-2022-0847, CVE-2019-5736)
the security problem in insecure environment (linux) is not related to docker only.
Yes, of course. But if your kernel is compromised, a root container can make it just a bit worse. Defense in depth still applies here imo
It's simply not true about healthchecks. Docker or docker compose will not restart service when it's not healthy, it will only mark it as such. Docker Swarms can do that