Comment on GitHub - sergi0g/cup: 🥤Docker container updates made easy
zr0@lemmy.dbzer0.com 1 week agoYeah I saw that plugin a few years ago and it was not ready for production yet.
I am going a whole different route, but have the same motivation: get rid of docker and improve the security.
I will move from docker compose to Nomad. And I will also not use containers itself anymore. I want/need more security. You can achieve this with MicroVM (Firecracker). However, you would need to build those VM images yourself. But there is a solution to it. Kata-containers. They allow to deploy OCI compliant containers into seperate MicroVM’s. Then you have true isolation from the host kernel, while not losing much of start-up time.
trilobite@lemmy.ml 1 week ago
What i read here is concerning. Non that i was getting into the swing of drocker … :-( Is LXC the future then?
zr0@lemmy.dbzer0.com 1 week ago
Docker uses LXC. LXC is actually at the core of many container engines.