Docker is not a Package Management Tool

I came across this assumption many people have that Docker is a package management tool. Let me break the news and tell you that it is not.

Docker solves the isolation problem first. A Docker container looks like a regular OS to the applications running inside it, and you should use it like a regular OS:

  1. You should attempt to install prebuilt packages, e.g. via apt-get.
  2. You need to have a correct init process. Here's a great article on the PID 1 problem that must be solved in Docker: https://blog.phusion.nl/2015/01/20/docker-and-the-pid-1-zombie-reaping-problem/

People ask me why they need to install their software via apt-get or yum. Well, you don't have to, but the application build process should be separate from the containerization step. Docker containers are meant to run a single service in isolation; however, a single service can be composed of many different applications. Such services are more evident in larger distributed systems. Furthermore, prebuilt packages can be shared across different containers. This means that the same stable package build is going to exist in all containers that need it. You also don't want to rebuild anything inside a container during config changes. For example, if it's a Go app, then it should be built once, tested and pulled into the container via a package manager. If your app supports config files, updates to these files should not trigger an app rebuild, since the code hasn't changed.

Yes, prepackaging code before putting it into containers adds more complexity to your build/release pipeline; however, it does separate individual applications from services. The former should be unit/regression/whatever tested separately. Having a separate build and package step also simplifies container provisioning routines.
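
An added example, not from the original post: a Dockerfile that follows the two rules above and the build-once advice, with the in-container build it replaces shown as comments. The package name `myapp`, its version, binary path and `--config` flag, the internal APT repository URL and key file, and the choice of `tini` as the init process are all assumptions.

```dockerfile
# Added example. Assumed names: myapp, apt.example.internal, internal-repo.gpg.
#
# Anti-pattern the post argues against (build inside the image):
#   FROM golang:1.22
#   COPY . /src
#   RUN cd /src && go build -o /usr/bin/myapp .   # rebuilt on every change
#
FROM debian:bookworm-slim

# Exact version of the prebuilt, already tested package (constructed value).
ARG MYAPP_VERSION=1.4.2-1

# Rule 2: a real init process. tini is an assumption here; it reaps zombies
# and forwards signals to the service.
RUN apt-get update \
 && apt-get install -y --no-install-recommends ca-certificates tini \
 && rm -rf /var/lib/apt/lists/*

# Trust the internal repository's signing key for that repository only.
COPY internal-repo.gpg /usr/share/keyrings/internal-repo.gpg
RUN echo "deb [signed-by=/usr/share/keyrings/internal-repo.gpg] https://apt.example.internal bookworm main" \
      > /etc/apt/sources.list.d/internal.list

# Rule 1: install the prebuilt package; no compiler or source in the image.
RUN apt-get update \
 && apt-get install -y --no-install-recommends "myapp=${MYAPP_VERSION}" \
 && rm -rf /var/lib/apt/lists/*

# Config is copied last: editing it invalidates only this layer and never
# triggers a rebuild of the application.
COPY myapp.conf /etc/myapp/myapp.conf

# Hypothetical binary path and flag for the assumed package.
ENTRYPOINT ["/usr/bin/tini", "--"]
CMD ["/usr/bin/myapp", "--config", "/etc/myapp/myapp.conf"]
```

Pinning the package version means every image that needs `myapp` gets the same tested build, and the image carries no toolchain or source tree.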