Hosting End-Of-Life Fedora Base images?
przemek.klosowski at nist.gov
Mon Jul 20 18:46:32 UTC 2015
On 07/20/2015 02:13 PM, Dennis Gilmore wrote:
> On Monday, July 20, 2015 01:00:34 PM Josh Boyer wrote:
>> On Mon, Jul 20, 2015 at 12:39 PM, Adam Miller
>> <maxamillion at fedoraproject.org> wrote:
>>> There was an issue ticket filed against the Fedora Docker Base
>>> Images github repo requesting that older End-Of-Life'd (EOL'd)
>>> Fedora releases be made available as docker images ...
>> Even if this is positioned as "archival" or "research", I think
>> providing these after EOL is simply going to lead to further use of an
>> EOL Fedora. That is essentially setting up those users for security
>> exploits and a poor user experience when none of their bugs will be
> I agree with Josh 100% here. we should not enable people to run unsupported
And there's the rub---containers are about creating isolated
environments for a specific integration purpose.
Unfortunately, updating and patching is at cross purposes to that, so we
have this creative tension :).
Modern package-based systems like Fedora achieved a practical "patch
early and often" setup with responsive security posture, but they are
subject to creeping subsystem incompatibilities. Containers deliver
integrated systems that address very well the initial requirements, but
I haven't seen a good story on how they respond to dynamical security
demands. So far their track record is not so good ( "over 30% of
official images in Docker Hub contain high priority security
I am really curious how will this play out.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the devel