Re: Docker images and security vulnerabilities

2021-08-12 Thread Michael Marshall
> The only downside will be for users that are using the BK docker image as
> base image, as Ubuntu is very different from Centos and so consumers of the
> image will have to do some work while upgrading.

How much work would need to be done? Are you just referring to the tooling that
exists in the container itself?

I think it makes sense to switch to an ubuntu base image as long as the upgrade
path isn't too complicated for existing users.

Thanks,
Michael

On Thu, Aug 12, 2021 at 8:32 AM Ivan Kelly wrote:

> How did it end up on centos in the first place?
>
> +1 for moving to ubuntu.
>
> -Ivan
>
> On Thu, Aug 12, 2021 at 1:03 PM Enrico Olivelli wrote:
> >
> > Hello folks,
> > I have found a PR [1] that is about upgrading the base image to Centos 8
> > because the Centos 7 image has some reported vulnerabilities.
> >
> > I believe that upgrading to Centos 8 could be fine, but it is not enough to
> > cover this kind of problem.
> >
> > In the Apache Pulsar community we recently switched to Ubuntu [2] and we
> > also added an automatic update of the system dependencies while building
> > the image with (apt-get -y dist-upgrade).
> >
> > I propose to switch the base docker image to Ubuntu following Pulsar PR [2].
> >
> > The only downside will be for users that are using the BK docker image as
> > base image, as Ubuntu is very different from Centos and so consumers of the
> > image will have to do some work while upgrading.
> >
> > Thoughts ?
> >
> > Enrico
> >
> > [1] https://github.com/apache/bookkeeper/pull/2756
> > [2] https://github.com/apache/pulsar/pull/11026
>


Re: Docker images and security vulnerabilities

2021-08-12 Thread Ivan Kelly
How did it end up on centos in the first place?

+1 for moving to ubuntu.

-Ivan

On Thu, Aug 12, 2021 at 1:03 PM Enrico Olivelli wrote:
>
> Hello folks,
> I have found a PR [1] that is about upgrading the base image to Centos 8
> because the Centos 7 image has some reported vulnerabilities.
>
> I believe that upgrading to Centos 8 could be fine, but it is not enough to
> cover this kind of problem.
>
> In the Apache Pulsar community we recently switched to Ubuntu [2] and we
> also added an automatic update of the system dependencies while building
> the image with (apt-get -y dist-upgrade).
>
> I propose to switch the base docker image to Ubuntu following Pulsar PR [2].
>
> The only downside will be for users that are using the BK docker image as
> base image, as Ubuntu is very different from Centos and so consumers of the
> image will have to do some work while upgrading.
>
> Thoughts ?
>
> Enrico
>
> [1] https://github.com/apache/bookkeeper/pull/2756
> [2] https://github.com/apache/pulsar/pull/11026


Docker images and security vulnerabilities

2021-08-12 Thread Enrico Olivelli
Hello folks,
I have found a PR [1] that is about upgrading the base image to Centos 8
because the Centos 7 image has some reported vulnerabilities.

I believe that upgrading to Centos 8 could be fine, but it is not enough to
cover this kind of problem.

In the Apache Pulsar community we recently switched to Ubuntu [2] and we
also added an automatic update of the system dependencies while building
the image with (apt-get -y dist-upgrade).

I propose to switch the base docker image to Ubuntu following Pulsar PR [2].

The only downside will be for users that are using the BK docker image as
base image, as Ubuntu is very different from Centos and so consumers of the
image will have to do some work while upgrading.

Thoughts ?

Enrico

[1] https://github.com/apache/bookkeeper/pull/2756
[2] https://github.com/apache/pulsar/pull/11026