1

I am making my own Dockerfiles for several services, and I noticed that most of them have an apt install command in their RUNs, thus everytime I reinstall the image, it gets upgraded to the latest.

I am afraid sooner or later some programs could fail with this method, as I configure them with pre-made configuration files and then mount them into the containers, with newer versions some preferences might became deprecated, obsolete or just make containers and their programs stop servicing.

I thought about specifying the package version in the apt like apt install apache2=x.y.ubuntu-z and so on, but the Ubuntu repos only store one or two versions of them (again, the latest).

Is there any good way I could achieve this so I can be completely sure what versions of programs are being installed, and then upgrade them periodically in a safe testing environment? I really do not want to "trust" everything will work as expected for long time as long as I install apache2 instead of apache3 and so on.

Thanks in advance.

David Tabernero M.
  • 864
  • Don't think there is ever a way you can be completely sure nothing will ever break. – mikewhatever Oct 27 '18 at 22:56
  • @mikewhatever Thanks for answer. Of course, but I do not want to be sure everything will work, I want to be sure the versions installed are those I specified. – David Tabernero M. Oct 27 '18 at 22:59
  • 2
    This came up in review for closure, but I think it's a good question. David, are you able to snapshot a known good version of Ubuntu and create new Docker containers from that snapshot? Sorry I don't use Docker so have no clue. – Tom Brossman Oct 29 '18 at 16:34
  • @TomBrossman I do not think such thing is highly recommended (if even possible). The point of Docker is being able to "generate" a image from a file with instructions, and will always be almost the same image. Then if the best solution is to make a snapshot, then I would think about automatizing virtual machines. – David Tabernero M. Oct 29 '18 at 16:58

1 Answers1

2

Recently I discovered that Debian made snapshots of their repositories so any Debian distribution is able to connect, update with those sources, and download specific versions of binaries from any past date.

I guess this should also work with Debian-based containers (which is my case), so I will post this as temporary response, at least until I test if this really works, (or someone post a better solution, of course).

Thanks anyway.

David Tabernero M.
  • 864