i’m pretty new to docker, so excuse if the questions are easy.
We have two server running about 20 virtual machines. Sometimes load is high, so i’m thinking to migrate the VM’s to Container. Host OS is SLES 12 SP5.
The VM’s have different flavors of Linux, some Ubuntu (from 12.04 to 20.04) and some Suse (9.2, SLES 10 SP4, SLES 11 SP4, SLES 12 SP5).
Most servers run Databases and Web Server. Is it possible to create images by myself ? Can i, for example, extract from an old Suse 9.2 the required
libraries and programs (Postgres, MySQL, httpd) and script languages like perl or php and create with this an image ?
Second questions: what is about Updates ? For the modern Operating systems like SLES 12 SP5 i get regulary Updates.
It is pretty easy to install them with the packet manager, also in an automatic manner.
But what if i have an Apache Container and for this version are new Updates available ?
Do i depend that someone, maybe me, build a new image with these Updates ?
Is there a way to automate this procedure ?
You can easily build your own images for recent OS versions – their base images are regularly updated, and you can use the package manager to update packages or even add additional repos to install further packages.
You can either use repo packages or download provided release packages. This is pretty much up to you.
Patch management for containers is usually done by creating new images and deploying containers based on the updated images.
Depending on whether you can use the official image or from a trusted source, like bitnami images, the patch management is done for you from them - whenever they create a new image, it will be available on dockerhub. But if you depend on having a specific os for those applications, you might need to build and maintain your own images. Of course this can be automated using ci-pipelines that can build a new image based on files called Dockerfiles, which are blueprints about how the image should be created.
The whole cloud and container world heavily depends on automation… none of both would have been successful, if people would be required to do everything manually.
May I suggest this fabulous free self-paced docker training. It will provide a solid foundation about the concepts of docker and how things are done with it.
One more thing: I have never met a gov or enterprise customer that containerized databases. You can sometimes find containerized databases in dev or test environments. But as soon as you reach the stage for load and performance tests or integration tests, the database is either a manged (cloud) service, a vm or a bare metal machine. Of course the same is true for the production environments.
In homelabs on the other side, people often use containerized databases.
You can easily build your own images for recent OS versions
You say “easy build of recent OS”. What is about old OS, like Suse 9.2 ? Are there images available ? Or can i build my own image from a running Suse 9.2 ?
Depending on whether you can use the official image or from a trusted source, like bitnami images, the patch management is done for you from them - whenever they create a new image, it will be available on dockerhub.
Feel free to check dockerhub for the existence of old OS versions. As I have no use for this kind of information, I will leave the research task to you.
Though, even if the images exist, I am not sure if an OS vendor has interest in keeping repos alive for OS versions that are EOL. Installing packages might beccome a bit of an issue, unless you already maintain your own repos for that specific version. Since containers share the host’s kernel (in their own isolated namespaces), you might experience that some older OS versions simply don’t work with the host’s kernel if it’s newer that the kernel the OS version was designed for.
Regardless of that, I don’t even want to imagine the number of vulnerability that came free of charge with them.
It depends on what you are looking for.
If you just want to pull images from public repositories → yes (but there is a rate limite)
If you want to create own public repos and push image to it → yes
If you want to use the automated build feature from dockerhub → no
If you want to create own private repos → no.