I’ve been reading about and studying docker for the last few weeks and can’t seem to get around an inherent flaw. Containers are great and their benefits are large in number, but patching seems to be a huge barrier. If I have a web application running for 2 months straight in containers and something like the Heartbleed vulnerability is released, I will have to redeploy all the containers once I patch openssl in the image. Is there a better way to do this?
mbw290 (Mbw290) #1