Designing a Docker Container Build Strategy for Minimizing Image Sizes and Security Surface Area

Minimizing Image Sizes and Security Surface Area

Question

You need to recommend a Docker container build strategy that meets the following requirements:

-> Minimizes image sizes

-> Minimizes the security surface area of the final image

What should you include in the recommendation?

Answers

Explanations

A. B. C. D.

A

Multi-stage builds are a new feature requiring Docker 17.05 or higher on the daemon and client. Multi-stage builds are useful to anyone who has struggled to optimize Dockerfiles while keeping them easy to read and maintain.

Incorrect Answers:

C: A swarm consists of multiple Docker hosts which run in swarm mode and act as managers (to manage membership and delegation) and workers (which run swarm services).

https://docs.docker.com/develop/develop-images/multistage-build/

The recommended Docker container build strategy must minimize both image sizes and the security surface area of the final image. The best option from the given choices is A, multi-stage builds.

Multi-stage builds are a Dockerfile feature that lets developers use multiple "FROM" statements within a single Dockerfile, so that the image is built in separate stages. Each stage of the build can produce an intermediate image, and a later stage can copy only the files it needs from an earlier stage, discarding everything else.

By using multi-stage builds, developers can minimize the size of the final image by only including the necessary files and dependencies needed for the application to run. This process can also reduce the attack surface by removing unnecessary files and configurations.

PowerShell Desired State Configuration (DSC) is a feature in PowerShell that allows administrators to manage and automate configuration of operating systems and applications. It is not related to Docker container build strategy.

Docker Swarm is a clustering and orchestration tool for Docker containers that allows developers to manage and deploy their applications across multiple hosts. It is not related to Docker container build strategy.

Single-stage builds are the traditional method of building Docker images. With this method, the whole build runs in a single stage, and that stage becomes the final image. This can result in large images that contain unnecessary files and configurations, increasing the attack surface. Therefore, it does not meet the given requirements of minimizing image sizes and security surface area.
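The Dockerfile below is an added example, not part of the original question or of Docker's documentation. It contrasts the single-stage and multi-stage approaches described above for a hypothetical Go service; the `./cmd/app` path, the binary name, and the choice of base images are assumptions.

```dockerfile
# syntax=docker/dockerfile:1
# Added example. Assumed project layout: a Go module with go.mod/go.sum at the
# repository root and its main package in ./cmd/app (hypothetical names).
#
# Single-stage equivalent, for comparison. Everything used here ships in the
# final image: Go toolchain, source tree, module cache, shell, package manager.
#
#   FROM golang:1.22
#   WORKDIR /src
#   COPY . .
#   RUN go build -o /usr/local/bin/app ./cmd/app
#   ENTRYPOINT ["/usr/local/bin/app"]

# ---- Stage 1: build (discarded after the build) ----
FROM golang:1.22 AS build
WORKDIR /src

# Copy the dependency manifests first so this layer stays cached until they change.
COPY go.mod go.sum ./
RUN go mod download

COPY . .
# CGO_ENABLED=0 yields a statically linked binary, so the runtime stage needs no libc.
# -trimpath and -ldflags="-s -w" drop local build paths and debug symbols.
RUN CGO_ENABLED=0 go build -trimpath -ldflags="-s -w" -o /out/app ./cmd/app

# ---- Stage 2: runtime (this is the image that gets tagged and shipped) ----
# Distroless static base: no shell and no package manager in the final image.
FROM gcr.io/distroless/static-debian12:nonroot

# The compiled binary is the only artifact carried over from the build stage.
COPY --from=build /out/app /app

# Run as the unprivileged user provided by the base image.
USER nonroot:nonroot
ENTRYPOINT ["/app"]
```

Building both variants and comparing them with `docker image ls` and `docker history` shows which layers, and therefore which tools and files, each final image actually contains.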

In conclusion, the recommended Docker container build strategy that meets the given requirements is multi-stage builds.