As the we prepare to start using Docker, I’d like to learn some best practices around the technology. Right off the bat, it seems that we shouldn’t use images from public repositories. I’m proposing that we leverage those published docker files to build our own images but that all of our Docker images should start from Scratch, building our own RHEL base image or should, at the least, start from an official Docker image where an image provider has a strong interest in providing secure images without unexpected software, etc.
How do other large users of Docker work with the Docker Hub? How are the Docker images they use created and managed?
Thanks for any feedback.