Docker and updates
- 
 So I was reading this article and saw this graphic. I'm wondering, how do you manage updates? From what I can tell, you can update the base OS and it won't affect the containers because they have their own set of the BINs and don't rely on the ones from the OS. OK fine. But what happens when you update one of the containers that shares those BINs with 4 other containers? 
- 
 The way to handle security updates in the OS is to update the base image, then rebuild your application image. 
- 
 Rebuild? Not sure what you mean? Also, where does your data live? 
- 
 Data should live in data volumes and/or data volume containers; the official documentation should help. 
 https://docs.docker.com/engine/userguide/dockervolumes/
- 
 I'm a bit confused by that graphic.... I guess the server layer is .... well a server like Dell R710 I've got  
 Then is the Host OS say ESXi??? And the Docker Engine is a VM running Linux with docker installed?
- 
 That is not how I read it. I read the server layer the same as the hypervisor. Notice the only virtualization this graphic shows is Docker itself... That is why I assume this. 
- 
 @hobbit666 said: I'm a bit confused by that graphic.... I guess the server layer is .... well a server like Dell R710 I've got
 Then is the Host OS say ESXi??? And the Docker Engine is a VM running Linux with docker installed?

 Docker is a container, not a VM in the traditional sense. We used to call these "OS Containers" before the latest wave of marketing appeared. This is old tech, not new tech, so think about products we've had for decades. Like Zones and Jails. Containers run on an OS, not on a hypervisor. You should have your OS on a hypervisor and people normally do, but they are not showing that there at all. But it is not mislabeled. You can just as easily run Docker without a hypervisor as you can with one. Docker runs on Linux, Linux should be a VM. 
- 
 I think Dash's question is how do you handle the OS-Layer updates... Say you have Xen -> CentOS -> Docker -> MySQL Container ... What happens to the MySQL Container if the underlying CentOS is updated? 
- 
 @dafyre said: I think Dash's question is how do you handle the OS-Layer updates... Say you have Xen -> CentOS -> Docker -> MySQL Container ... What happens to the MySQL Container if the underlying CentOS is updated?

 Exactly! 
- 
 The containers contain their own OS. So updating the base platform will not modify the containers. To update a container you update its image and redeploy. 
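
 The advice in this thread (update the base image, then rebuild and redeploy the application image) implies a check for which application images still sit on the old base. The following is an added example, not part of the original posts: it compares the `RootFS.Layers` lists from `docker image inspect`, assuming each application image is built directly `FROM` the named base; the image names and digests are constructed.

```python
import json

# Constructed sample of `docker image inspect` output, trimmed to the fields used.
# Image names and layer digests are invented placeholders.
INSPECT_JSON = """
[
  {"RepoTags": ["centos:7"],
   "RootFS": {"Layers": ["sha256:base-new"]}},
  {"RepoTags": ["shop/web:1.4"],
   "RootFS": {"Layers": ["sha256:base-old", "sha256:web-1"]}},
  {"RepoTags": ["shop/api:2.0"],
   "RootFS": {"Layers": ["sha256:base-new", "sha256:api-1", "sha256:api-2"]}}
]
"""


def layers_by_tag(inspect_json):
    """Map every repo tag to the ordered layer digests of its image."""
    tags = {}
    for image in json.loads(inspect_json):
        layers = (image.get("RootFS") or {}).get("Layers") or []
        # RepoTags may be empty or null for untagged images.
        for tag in image.get("RepoTags") or []:
            tags[tag] = layers
    return tags


def needs_rebuild(app_layers, base_layers):
    """An image built FROM the base starts with exactly the base's layers."""
    if not base_layers:
        raise ValueError("base image reports no layers")
    return app_layers[:len(base_layers)] != base_layers


def stale_images(inspect_json, base_tag, app_tags):
    """Return the application tags that do not sit on the current base."""
    tags = layers_by_tag(inspect_json)
    missing = [t for t in [base_tag, *app_tags] if t not in tags]
    if missing:
        raise KeyError(f"not in inspect output: {missing}")
    return sorted(t for t in app_tags if needs_rebuild(tags[t], tags[base_tag]))


if __name__ == "__main__":
    for tag in stale_images(INSPECT_JSON, "centos:7", ["shop/web:1.4", "shop/api:2.0"]):
        print(f"{tag}: built on an older base, rebuild and redeploy")
```

 After pulling the refreshed base, the output of `docker image inspect` for the base and the application images can be passed in place of the constructed sample.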
- 
 Then why do you need an OS under the containers? 
- 
 @Dashrender said: Then why do you need an OS under the containers?

 Because that's what they run on. They are containers, not VMs. How else would they run? 
- 
 Docker containers run their own OS but share the parent's kernel. They don't have discrete kernels. So if you want to modify the kernel itself, you have to reboot the parent and everything reboots. But libraries and such are all in the containers. 
- 
 That question seems loaded, but I'm guessing it's really not. From what I can tell, the containers don't have a full OS in them, really they only have the OS components that they specifically need to get their job done. As you said, updating the OS won't affect them because the pieces needed by the container themselves are self-contained - OK fine - I think I even said that in my OP or a post shortly thereafter. Which of course means I shouldn't have said exactly to @dafyre's post. 
- 
 @scottalanmiller said: Docker containers run their own OS but share the parent's kernel. They don't have discrete kernels. So if you want to modify the kernel itself, you have to reboot the parent and everything reboots. But libraries and such are all in the containers.

 Where is the flexibility vs a straight up VM, then? Each VM also contains its own Kernel, so any tweaking that I desire can be done inside the VM without affecting the Host OS (Xen, Hyper-V, et al). I get live Migration with VMs... 
- 
 @dafyre said: @scottalanmiller said: Docker containers run their own OS but share the parent's kernel. They don't have discrete kernels. So if you want to modify the kernel itself, you have to reboot the parent and everything reboots. But libraries and such are all in the containers.
 Where is the flexibility vs a straight up VM, then? Each VM also contains its own Kernel, so any tweaking that I desire can be done inside the VM without affecting the Host OS (Xen, Hyper-V, et al). I get live Migration with VMs...

 Docker is about application flexibility, not OS tweaking. You can't tweak a Docker container, it is set and forget. Docker is about making deployments fast, easy and dense. The DevOps ecosystem doesn't let you tweak running systems anyway. If you want to log in and tweak running systems, you are in a snowflake systems administration model. You have to separate the two mindsets, they work on completely different problem sets. 




