I can’t seem to wrap my head around (Docker) containers and especially their maintenance.
As I understand it, containers contain a stripped-down OS that shares some resources with the host?
Or is it more like a closed-off part of the file system?

Anyway, when I have several containers running on a host system,
Do I need to keep them all updated separately? If so, how?
Or is it enough to update the host system, and not worry about the containers?

  • Björn Tantau@swg-empire.de
    link
    fedilink
    English
    arrow-up
    3
    ·
    1 day ago

    Also, they are supposed to give easy security, buf NGINX runs as root? There is a rootless variant

    I guess the idea/hope is that they can’t break out of their container.