Docker is becoming ever more popular with customers and users looking to optimise their deployment processes, particularly when integrated into a Continuous Integration (CI) and Continuous Delivery (CD) pipeline. Docker forms the basis of several Oracle Cloud products, including the Oracle Developer Cloud, Oracle Application Container Cloud and Oracle Container Cloud.
As part of Oracle's ongoing commitment to security, we regularly release updates to the official Oracle Linux base images hosted on the Docker Hub and in the official Oracle GitHub repository. In the past month, we have released 5 updates across the Oracle Linux 5, 6 and 7 images to cover several CVEs that have been fixed.
Here are some tips and tricks to help ensure that applications and services you publish using the Oracle Linux base images are as secure as possible.
Use the version tag to ensure you get the latest version of Oracle Linux
When constructing your Dockerfile, Oracle recommends using FROM oraclelinux:7 to ensure that your build process uses the latest version of the Oracle Linux image hosted on the Docker Hub.
Pull the latest version of the base image before building your image
Docker uses a local cache to improve the performance of building images. However, this can result in images being built using older base images. Before building your image, it's good practice to update any base images by using the docker pull command. Using the latest image from the Docker Hub means that your images will have the latest security and bug fix errata applied.
Update the image during the build process
Of course, even pulling the latest Oracle Linux base image doesn't ensure that the latest updates have been applied. To be absolutely sure, you can add an update line to your Dockerfile to pull the latest updates during the build process. For example, to use the Oracle Linux 7 base image and update it during build, you could use something like this in your Dockerfile:

    FROM oraclelinux:7
    RUN yum -y update && yum clean all

These two directives tell Docker to use the available Oracle Linux 7 base image and then use yum (which is pre-configured inside the official image) to update the image immediately and remove the yum-created metadata. Removing the metadata in the same RUN directive is required to keep the resulting Docker layer as small as possible.
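The local cache problem described under "Pull the latest version of the base image before building your image" can also be checked after the fact. The script below is an added example, not Oracle's code: it pulls the base image and verifies that an already built image still starts with the same layers. The image name myapp:latest in the usage comment is hypothetical, and the check assumes the application image keeps the base image's layers unmodified (no squashing).

```sh
#!/bin/sh
# Added example: detect an application image that was built on a stale,
# locally cached base image instead of the current one from the registry.

# Print an image's filesystem layer digests, one per line (uses the docker CLI).
layers_of() {
    docker image inspect \
        --format '{{range .RootFS.Layers}}{{println .}}{{end}}' "$1"
}

# base_is_prefix BASE_LAYERS APP_LAYERS
# Both arguments are newline-separated digest lists. Succeeds only if every
# base layer appears, in order, at the start of the application's layers.
base_is_prefix() {
    base=$(printf '%s\n' "$1" | grep .) || return 1   # empty base proves nothing
    n=$(printf '%s\n' "$base" | grep -c .)            # number of base layers
    app_head=$(printf '%s\n' "$2" | grep . | head -n "$n")
    [ "$base" = "$app_head" ]
}

# check_image BASE APP: refresh BASE from the registry, then compare layers.
# Returns 0 if APP is current, 1 if it is stale, 2 if the pull failed.
check_image() {
    docker pull "$1" >/dev/null || return 2
    if base_is_prefix "$(layers_of "$1")" "$(layers_of "$2")"; then
        echo "OK: $2 is built on the current $1"
    else
        echo "STALE: $2 does not start with the layers of the current $1; rebuild it"
        return 1
    fi
}

# Runs only when called with two arguments, for example (hypothetical app image):
#   sh check_base.sh oraclelinux:7 myapp:latest
if [ "$#" -eq 2 ]; then
    check_image "$1" "$2"
fi
```

For a multi-stage build, pass the base image named in the final FROM directive, since only that stage's layers end up in the published image.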