Bobcares

How to update Docker image to maintain your containers secure

by | Jan 3, 2017

In a Docker infrastructure, the Docker containers are created using images. Containers are instances that are created when the image files are executed. These images can be of web servers, mail servers, applications, and so on.

Docker images are stored in locations knows as repository or registry. There are two types of repository – public registry (Docker hub maintained by Docker) and private repository (maintained by Docker users).

Many often, businesses require to customize these Docker images to suit their specific purposes. Here, we’ll discuss how to update Docker images for your containers.

Setup and manage your Docker system

GET IN TOUCH WITH THE DOCKER EXPERTS NOW!

 

When to update Docker images?

Container images are usually updated during these scenarios:

  1. To obtain the latest version of a software or application release
  2. To add or modify features in the existing software
  3. To patch and protect software or service from security vulnerabilities
  4. To customize existing images for specific requirements

In all these situations, the existing container images have to be updated and used in the Docker containers. This process is usually referred to as ‘building’ Docker images.

Images can be built in two ways – 1. By manually executing the steps such as downloading, customizing and committing the images. 2. Using a Docker file.

We’ll see both the methods here:

Get images for Docker from the repository

When you manually build an image through the interactive command-line session, the first step is to get the required image from the repository it is stored in – either the DockerHub or private repository.

The images in the Docker hub are maintained by Docker and they would update it periodically. But maintaining the images in the private repository is the responsibility of each business owner.

Once you have identified the required image in the repository, using ‘docker search‘ command, you can download it from the Docker repository using ‘docker pull‘ command:

docker pull ubuntu

With these downloaded images, Docker containers can be created. The list of images in your Docker host can be identified using ‘docker images’ command.

 

update docker image list

List Docker images

 

Maintaining and updating the images in the local repository is a crucial aspect, as there are chances these images get prone to security vulnerabilities or hacks otherwise.

[ Are your spending too much time managing your Docker containers? Our Docker experts take care of your infrastructure and ensure its smooth functioning. ]

Update the docker image

Once the image is downloaded into the host machine, the next step to update a particular Docker image is to create a container using it.

Then the required modifications can be done in the container and that image can be copied over. Here are the steps to do that:

1. Create a new container

First of all, create the container using the Docker image you want to modify. The command for this is:

docker run -t -i ubuntu /bin/bash

2. Make the required changes

Access the new container and make the updates or modifications needed in it. It could be actions such as applying security patches, modifying the application code, recompiling the service with new modules, and so on.

3. Exit the container

After making the modifications and updates, exit the container.

4. Commit the changes

Once the container is updated, commit the changes made in this container to a Docker image using ‘docker commit‘.

docker commit -m "changes made" [container-id] ubuntu:v2

This new image would now be listed in the Docker host and it can be used to create new containers.

5. Push the new image to the repository

The updated Docker image can be added to the Docker repository using ‘docker push’. Obsolete images can be removed from the repository to avoid from being used anymore.

[ Running a Docker infrastructure doesn’t have to be hard, or costly. Get world class Docker management services at affordable pricing. ]

Update Docker images using Dockerfile

To simplify these docker image update steps, there is another way using ‘docker build’ command. It builds a container with the help of a Dockerfile.

A Dockerfile contains a set of instructions that can be used to update the container image. For instance, to configure PHP in a container, a sample file is:

 

update docker image using dockerfile

Customer Dockerfile to create containers

 

The FROM directive says what the base image should be. The RUN command installs all the necessary packages from Ubuntu repository, and the ADD command copies the contents of ‘/tmp/mageshop01/html/’ to ‘/var/www/html’ folder of the server instance.

You can do further customization on the PHP and Apache configuration files using more RUN commands in the Dockerfile. Once the Dockerfile is updated, use the command to build the new image using this file:

docker build -t ubuntu:v2 'path-to-docker-file'

Using the given Docker file, the ‘docker build’ command will create a container with the updated image. The new image name can be set using the ‘-t’ option. This image can be ‘pushed’ to the repository for future use.

We’ve been able to prevent server incidents by up to 15% by using our proactive server checks (click here to see how we improve web hosting support).

[ Use your time to build your business. We’ll take care of your customers. Hire Our Docker Support Specialists at affordable pricing. ]

In short..

Today we saw how to update containers with the modified or new docker images. Setting tags on these images helps to identify them easily for future use.

Care has to be exercised in maintaining the images in the Docker repository updated and secure. Any custom configuration done should be preserved well, with version control.

Whenever a vulnerability is reported, immediate patching of the image has to be done. At Bobcares, our 24/7 security team manages these images up-to-date.

If you’d like to know how to manage your Docker system and to get the best out of them for your business, we’d be happy to talk to you.

 

Do you provide Docker hosting services?

Wish you had more time to focus on your business? Let us help you.

Our engineers will assist you to setup, monitor and manage your Docker infrastructure 24/7.

GET IN TOUCH WITH THE EXPERTS NOW!

var google_conversion_label = "owonCMyG5nEQ0aD71QM";

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *

Never again lose customers to poor
server speed! Let us help you.

Privacy Preference Center

Necessary

Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.

PHPSESSID - Preserves user session state across page requests.

gdpr[consent_types] - Used to store user consents.

gdpr[allowed_cookies] - Used to store user allowed cookies.

PHPSESSID, gdpr[consent_types], gdpr[allowed_cookies]
PHPSESSID
WHMCSpKDlPzh2chML

Statistics

Statistic cookies help website owners to understand how visitors interact with websites by collecting and reporting information anonymously.

_ga - Preserves user session state across page requests.

_gat - Used by Google Analytics to throttle request rate

_gid - Registers a unique ID that is used to generate statistical data on how you use the website.

smartlookCookie - Used to collect user device and location information of the site visitors to improve the websites User Experience.

_ga, _gat, _gid
_ga, _gat, _gid
smartlookCookie
_clck, _clsk, CLID, ANONCHK, MR, MUID, SM

Marketing

Marketing cookies are used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user and thereby more valuable for publishers and third party advertisers.

IDE - Used by Google DoubleClick to register and report the website user's actions after viewing or clicking one of the advertiser's ads with the purpose of measuring the efficacy of an ad and to present targeted ads to the user.

test_cookie - Used to check if the user's browser supports cookies.

1P_JAR - Google cookie. These cookies are used to collect website statistics and track conversion rates.

NID - Registers a unique ID that identifies a returning user's device. The ID is used for serving ads that are most relevant to the user.

DV - Google ad personalisation

_reb2bgeo - The visitor's geographical location

_reb2bloaded - Whether or not the script loaded for the visitor

_reb2bref - The referring URL for the visit

_reb2bsessionID - The visitor's RB2B session ID

_reb2buid - The visitor's RB2B user ID

IDE, test_cookie, 1P_JAR, NID, DV, NID
IDE, test_cookie
1P_JAR, NID, DV
NID
hblid
_reb2bgeo, _reb2bloaded, _reb2bref, _reb2bsessionID, _reb2buid

Security

These are essential site cookies, used by the google reCAPTCHA. These cookies use an unique identifier to verify if a visitor is human or a bot.

SID, APISID, HSID, NID, PREF
SID, APISID, HSID, NID, PREF