snippetdockerMinor
How to pin OS package versions in Docker image
Viewed 0 times
imagepackagehowdockerversionspin
Problem
Scenario
For obvious reasons I believe that every package installed in a Docker image should have their version nailed down.
That's why in our
For example:
Problem
The upstream repository has changed and the
I'm not sure what brings about this change but I think it has something to do with distros going out of their support-cycle or that old packages are removed/moved somewhere else.
Question
How do I nail the exact version of OS-leveled packages without running into this problem?
Note: I know these 2 options will work but I want to know if there's an easier way out:
For obvious reasons I believe that every package installed in a Docker image should have their version nailed down.
That's why in our
Dockerfile we always enforce the OS package manager to install a specific version of a package.For example:
FROM node:6.10.0
RUN apt-get update \
&& apt-get -y install nginx=1.6.2-5+deb8u6 \
&& apt-get -y install supervisor=3.0r1-1+deb8u1Problem
The upstream repository has changed and the
nginx=1.6.2-5+deb8u6 package is now invalid. I'm not sure what brings about this change but I think it has something to do with distros going out of their support-cycle or that old packages are removed/moved somewhere else.
Question
How do I nail the exact version of OS-leveled packages without running into this problem?
Note: I know these 2 options will work but I want to know if there's an easier way out:
- Make a custom base image
- Download the binaries and
COPYthem into the Docker image
Solution
I'm not sure that this qualifies as an "easier" way, but you could host the specific packages on a server (e.g., Artifactory, S3). You would then have the Dockerfile connect to this location and use the packages from there.
This would allow you to avoid creating a custom base image and you would not have to manually download the packages.
This would allow you to avoid creating a custom base image and you would not have to manually download the packages.
Context
StackExchange DevOps Q#10333, answer score: 2
Revisions (0)
No revisions yet.