6

Scenario

For obvious reasons I believe that every package installed in a Docker image should have their version nailed down. That's why in our Dockerfile we always enforce the OS package manager to install a specific version of a package. For example:

FROM node:6.10.0

RUN apt-get update \
      && apt-get -y install nginx=1.6.2-5+deb8u6 \
      && apt-get -y install supervisor=3.0r1-1+deb8u1

Problem

The upstream repository has changed and the nginx=1.6.2-5+deb8u6 package is now invalid.

I'm not sure what brings about this change but I think it has something to do with distros going out of their support-cycle or that old packages are removed/moved somewhere else.

Question

How do I nail the exact version of OS-leveled packages without running into this problem?

Note: I know these 2 options will work but I want to know if there's an easier way out:

  1. Make a custom base image
  2. Download the binaries and COPY them into the Docker image
chicks
  • 1,911
  • 1
  • 13
  • 29
Tran Triet
  • 879
  • 3
  • 11
  • 21

1 Answers1

2

I'm not sure that this qualifies as an "easier" way, but you could host the specific packages on a server (e.g., Artifactory, S3). You would then have the Dockerfile connect to this location and use the packages from there.

This would allow you to avoid creating a custom base image and you would not have to manually download the packages.

Wesley Rolnick
  • 2,772
  • 12
  • 26