Comment on GitHub - sergi0g/cup: 🥤Docker container updates made easy

<- View Parent
zr0@lemmy.dbzer0.com ⁨1⁩ ⁨week⁩ ago

Yeah I saw that plugin a few years ago and it was not ready for production yet.

I am going a whole different route, but have the same motivation: get rid of docker and improve the security.

I will move from docker compose to Nomad. And I will also not use containers itself anymore. I want/need more security. You can achieve this with MicroVM (Firecracker). However, you would need to build those VM images yourself. But there is a solution to it. Kata-containers. They allow to deploy OCI compliant containers into seperate MicroVM’s. Then you have true isolation from the host kernel, while not losing much of start-up time.

source
Sort:hotnewtop