0

We have a development environment based on Docker, and since our staging and production servers are not based on Docker - we are trying to make those as similar as possible (Linux distribution, LAMP versions, configurations..).

I saw that most of Docker hub's offical images (e.g. mysql) are based on Jessie (Debian) and our servers are running Centos 6/7 (RedHat) so we created our own custom images "from" Centos that has all the required installations and therfore it is similar to the production environment.

My question is - is it really important for us to make sure that we are using the same Linux distribution on both the Docker image and on the production server or is it a waste of time and we should just use the offical images?

Thanks.

Rotem
  • 147
  • 1
  • 14

1 Answers1

5

From a Docker perspective it is not important to match your in and out-of-container OS. Where it gets more important is when you have to think about patching and troubleshooting both -- if you have a mix of Debian, CentOS, and Alpine then you'll have to think about how to keep all of them up to date.

The in-container OS is also relevant in its size. Minimalist distributions like Alpine will generally be smaller than a base Debian image, which keeps your container sizes down and reduces your patch-landscape.

If your plan is to perform dev/test inside a container but run in production outside a container, it makes sense to match them as closely as possible.

Jason Martin
  • 5,023
  • 17
  • 24
  • Just to make sure - I'm only talking about the container's OS and not on the hosts OS (our Docker is running under boot2docker). I'm also not sure that I understand the bottom line, since running lamp on cetnos on our production sever may work different than lamp (with the same versions) on Alpine for example, am I missing something? – Rotem Dec 30 '16 at 18:10
  • You don't need all your containers to run the 'same' OS as far as docker is concerned, but doing so limits how many OS's you have to understand and maintain. Yes, LAMP on alpine is different than CentOS. My point about minimalist OS inside the container is that it saves on time and disk, since you don't have to update things you aren't using nor push/pull them repeatedly. It also means less is available to someone who subverts a container. – Jason Martin Dec 30 '16 at 18:20
  • Agreed, but it also bears mentioning that kernel version matters in some cases. It would be fairly rare for a difference in minor kernel versions to break things, but it is worth at least trying to ensure kernel parity between environments, or at least ensuring that your tests are run in an environment with the same kernel as production. – EEAA Dec 30 '16 at 18:27
  • @Jason Martin's That's understood, but I want to focus on reliability / environment related bugs. Lets say that scalability and performance are not part of the equation - is it smart to use Docker image with the same OS to avoid environment related bugs? – Rotem Dec 30 '16 at 18:31
  • @EEAA so it is recommended to use a Docker image with (at least) the same kernel version as on the production server? – Rotem Dec 30 '16 at 18:33
  • Docker images don't have a kernel version: they're not virtual machines. Rather, they're containers and processes run within a docker container use the host's kernel. – EEAA Dec 30 '16 at 18:36
  • @Rotem if you are testing in a container but running in production outside a container, yes you would want to match them as closely as possible. – Jason Martin Dec 30 '16 at 18:39
  • So why all the official repositories only come with a specific OS? That's because they assume that you're using the same image on all your server (in other words - packing the app as an image)? – Rotem Dec 30 '16 at 18:47
  • 1
    @Rotem How else would you suggest that repos be configured? There must be a base OS image used. Your use case (only using docker for development) is becoming more and more rare. Either you choose to use whatever base image is provided, or you build your own. None of us can help you decide which is best for your workflow and requirements. – EEAA Dec 30 '16 at 18:52
  • 1
    @Rotem It's because the Docker developers are Ubuntu partisans, not for any good technical reasons. – Michael Hampton Dec 30 '16 at 19:25