Title. Mostly because of two flags: --read-only and --log-driver.

  • AggressivelyPassive@feddit.de
    link
    fedilink
    arrow-up
    2
    arrow-down
    3
    ·
    11 months ago

    I think you still don’t get the idea of read-only containers.

    They’re set up in a way that prohibits any writes except some very well defined locations. That could mean piping logs directly to stdout and don’t write them to disk, or not caching on disk, etc.

    That is standard practice in professional setup (though for security reasons).

    No, it’s not magic, but software can get configured, you know? And if you do that properly, you might see a change in behavior.

    • aksdb@feddit.de
      link
      fedilink
      arrow-up
      4
      arrow-down
      1
      ·
      11 months ago

      If the application in question doesn’t need to write anything, it also doesn’t write outside of docker, so it also won’t wear down the SD card.

      If the app has to write something, a fully read-only container will simply not work (the app will crash or fail otherwise).