Comment on Need tips for moving forward
AmbiguousProps@lemmy.today 3 weeks agoI suppose that it adds technical overhead, but in my opinion the benefit of docker is how easy it is to spin up a new service, and how easy it is to update and maintain them.
tux0r@feddit.org 3 weeks ago
Docker does not even work on my servers - wrong operating system, I guess. Docker containers have one more disadvantage on systems where it does work: the contents of a container aren’t updated when the host operating system is, basically leaving 0-days unpatched longer than absolutely necessary.
AmbiguousProps@lemmy.today 3 weeks ago
Interesting, what OS are you running? I’ve never ran into one that it doesn’t work on so that’s surprising.
I would counter that disadvantage with this: due to testing constraints, docker containers are usually updated more quickly when there’s a 0 day, and you don’t have to patch your entire OS if one single container has one. It reduces operator overhead greatly, because that’s what it’s designed to do. Even if one of your containers has a vulnerability, because it’s a container, it won’t necessarily affect your entire system, depending on the vulnerability.
tux0r@feddit.org 3 weeks ago
I run OpenBSD and OmniOS.
AmbiguousProps@lemmy.today 3 weeks ago
Ah, yeah, OpenBSD would do it. You’d basically be limited to running it in a VM which would have severe overhead. For Linux based stuff, though, it has minimal overhead.