Title. Mostly because of two flags: --read-only and --log-driver.

  • Avid Amoeba
    link
    fedilink
    arrow-up
    8
    ·
    1 year ago

    Unless you make your host OS read-only, it itself will keep writing while running your docker containers. Furthermore slapping read-only in a docker container won’t make the OS you’re running in it able to run correctly with an RO root fs. The OS must be able to run with an RO root fs to begin with. Which is the same problem you need to solve for the host OS. So you see, it’s the same problem and docker doesn’t solve it. It’s certainly possible to make an Linux OS that runs on an RO root fs and that’s what you need to focus on.