Hi all, I’ve been wondering: do some people mirror container images from Docker Hub?
I’m thinking of a situation where I have an application deployed using a container image from Docker Hub, say node as an example but could be anything, and then some day that image isn’t available. It’s been taken down from Docker Hub for whatever reason.
Or perhaps the tagged version I’m using has been removed.
Or perhaps the tagged version has been replaced - and suddenly the tagged version that I’ve tied myself to and tested my app against is now different and could break my app.
Should I be mirroring these images into my own container registry and deploying from there in order to mitigate these risks?
I already use a container registry for my own images (in GitLab), so putting in place something to mirror the container images I need to there should be fairly straightforward I think.
If you use GitLab already and the concern mostly is the rate limit, then you may want to check out the integrated GitLab dependency proxy which caches images for you. For anything else a custom mirror is a good way to go (using something like the above mentioned Trow or any other solution).
Thanks for all the suggestions - this is not an area that I’ve considered much in the past, but I’ll look into these options. It’s all interesting stuff