惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

P
Proofpoint News Feed
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
Cisco Talos Blog
Cisco Talos Blog
Martin Fowler
Martin Fowler
S
SegmentFault 最新的问题
宝玉的分享
宝玉的分享
T
Tenable Blog
Stack Overflow Blog
Stack Overflow Blog
P
Palo Alto Networks Blog
J
Java Code Geeks
T
True Tiger Recordings
S
Schneier on Security
C
Cybersecurity and Infrastructure Security Agency CISA
Stack Overflow Blog
Stack Overflow Blog
爱范儿
爱范儿
博客园 - 【当耐特】
WordPress大学
WordPress大学
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
H
Help Net Security
F
Future of Privacy Forum
Scott Helme
Scott Helme
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
S
Security @ Cisco Blogs
Application and Cybersecurity Blog
Application and Cybersecurity Blog
博客园 - 司徒正美
V
V2EX
Google DeepMind News
Google DeepMind News
云风的 BLOG
云风的 BLOG
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org
Malwarebytes
Malwarebytes
大猫的无限游戏
大猫的无限游戏
C
Check Point Blog
The GitHub Blog
The GitHub Blog
The Hacker News
The Hacker News
博客园 - 聂微东
李成银的技术随笔
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
V
Vulnerabilities – Threatpost
O
OpenAI News
C
Cyber Attacks, Cyber Crime and Cyber Security
C
Comments on: Blog
Project Zero
Project Zero
Engineering at Meta
Engineering at Meta
Recent Announcements
Recent Announcements
N
Netflix TechBlog - Medium
博客园 - Franky
aimingoo的专栏
aimingoo的专栏
M
Microsoft Research Blog - Microsoft Research
Security Latest
Security Latest
T
Tor Project blog

DEV Community

Self-Hosted LLM Tool Calling: Forge and the Build-vs-Buy Decision ORA-00072 오류 원인과 해결 방법 완벽 가이드 OpenWA for CTOs: Self-Hosted WhatsApp Gateway Trade-Offs NotebookLM Automation With notebooklm-py: Useful, But Classify Data First Coding-Agent Instruction Design: The CLAUDE.md File That Prevents Rework When I Finally Realized My Runtime Was Holding Me Back GnokeOps: Host Your Own AI House Party AI Agents in Practice — Part 2: What Makes Something an Agent Stop scattering LLM SDK/API calls across your codebase. Here is the 2-file rule that fixed mine Beyond Prompts: Structuring AI Workflows for Real Frontend Engineering From an Abandoned Hackathon Project to an AI Study Workspace 🚀 Terraform with AI: Build AWS Infra (Cursor + MCP) What If AI Didn’t Need the Internet? 750,000 Chips, 140 Trillion Tokens: The Math Behind DeepSeek's Permanent Price Cut You're Renting Someone Else's Compute — And It's Costing You More Than You Think CSS :has() Selector: The Layout Trick I Wish I Knew 5 Years Ago Five Clusters. Five Lessons. One Production System. Synaptic: A Local-First AI Dev Companion That Remembers How You Think Revolutionizing Edge MedTech: Building a Sovereign Sleep Apnea Companion ("XiHan Snore Coach") with Gemma 4 HDD Eksternal Tiba-Tiba Tidak Bisa Diakses di Windows? Ini Tiga Lapis Fix-nya DMARC p=none vs p=quarantine vs p=reject: what to use and when DSA Application in Real Life: How Git Diff Works: LCS Intuition, Myers Algorithm, and Real Code Changes I solo-built a reputation layer for AI agents on NEAR — and here's what I learned I built an AI faceless video generator in 2 months — here's the stack Diffusion Language Models: How NVIDIA Nemotron-Labs Diffusion Shatters the Autoregressive Speed Ceiling llm-nano-vm v0.8.0 — deterministic FSM runtime for LLM pipelines, now with output validation and per-step timeouts From the Renaissance to the Quantum Dawn: AI, Computation, and the Next Paradigm Shift How I Built a Review Site with 800+ Articles Using AI I Built a Smart Kitchen AI with Gemma 4 That Turns Fridge Photos Into Recipes Why your vulnerability dashboard is lying to you (and how to fix it) From Abandoned Prototype to Smart AI System: Reviving Trafiq AI with GitHub Copilot Why Country/State/City Pickers Are Weirdly Hard Node.js 22 LTS — EOL Date, Support Timeline, and What Comes Next The 7-Layer Memory Architecture Behind Modern AI Agents I Imagined Hermes Agent Running an Entire Smart City — And It Changed How I See AI One backend, four products: why we bet on platform-per-brand AI's tech debt is invisible — even to AI. I solved it at the architecture layer. Why ROAS 300% Can Still Mean Losses — Gross Margin in 5 Ecommerce Verticals You Don’t Need to Try Every AI Tool to Keep Up NovelPilot: A Novel Writing Agent Powered by Gemma 4 BoxAgnts is an Out-Of-The-Box Secure AI Agent ToolBox in a WASM SandBox Gemma 4 deep dive: why a 1.5 GB model scores 37.5% on competition mathematics, how the MoE routing actually works, and which model fits your hardware. Full breakdown inside. BeeLlama v0.2.0: 164 tok/s on a 27B model, one RTX 3090 Google Just Declared the Chat-Log Interface Dead. Here's What Neural Expressive Actually Signals for Developers. ARCHITECTURE SPECIFICATION & FORMAL SYSTEM REPORT: k501-AIONARC Notes from a Hammock What's Google Antigravity 2.0 ? Here's What the Agent Harness Actually Changes for Developers. Building an E2EE Chat App in Flask - Part 3: Keeping File Uploads Safe Google's Gemini Spark. Here's What It Actually Does for Developers. Microsoft Just Shipped MCP Governance for .NET. Here's What It Actually Enforces. How I Built a Pakistan Internet Speed Test Platform at 16 How to Build a Supervisor Agent Architecture Without Frameworks I Built My Own Corner of the Internet — Here's What It Looks Like How does VuReact compile Vue 3's defineExpose() to React? Neo-VECTR's Rift Ascent Idempotency Keys: The API Safety Net You Probably Aren't Using Building E-Commerce Sites for Niche Products: Technical Lessons from Specialty Outdoor Retailers Audit Logs: The Silent Guardian of Every Serious System Open-source SDS tooling for Japanese MHLW compliance: the gap nobody filled BetAGracevI I Built a Post-Quantum Cryptographic Identity SDK for AI Agents — Here's Why It Needs to Exist Running Claude Code across multiple repos without losing context There Are Cameras in Every Room of My House. I Put Them There. Why your AI agent loops forever (and how to break the cycle) How does VuReact compile Vue 3's defineSlots() to React? Building a Privacy-First Resume Editor with Typst WASM and React One Soul, Any Model: Portable Memory for Open-Source Agents with .klickd From Pixels to Prescriptions: Building an Autonomous Healthcare Booking Agent with LangGraph MonoGame - A Game Engine for Those Who Love Reinventing the Wheel # Day 24: In Solana, Everything is an Account Mastering Node.js HTTP Module: Build Servers, REST APIs, and Handle Requests Mastering Node.js HTTP Module: Build Servers, REST APIs, and Handle Requests RP2040 Wristwatch Tells Time With a Vintage VU Meter Needle observations about models / 2026, may From Video Transcripts to Source-Grounded AI Notes: A Practical Look at Notesnip AI Agent Dev Environment Guide — Real Experience from an AI Living Inside a Server How I Run 7 AI Models 24/7: Multi-Agent Architecture in Practice What exactly changes with the Claude Max plan? I Revived a Broken MLOps Platform — Now It's Self-Service, Policy-Guarded, and Operationally Credible OpenAI's $2M-tokens-for-equity YC deal, decoded Why DMX Infrastructure is Still Stuck in the 90s Agent Series (2): ReAct — The Most Important Agent Reasoning Paradigm Open Source Project (No.73): Sub2API - All-in-One Claude/OpenAI/Gemini Subscription-to-API Relay I Made the Wrong Bet on Event Streaming in Our Treasure Hunt Engine #ai #productivity #chatgpt #python Symbolic Constant Conundrum From Manual RAG to Real Retrieval — Embedding-Based RAG with NVIDIA NIM Building an outbound-only WebSocket bridge for local AI agents Our System's Sins in Ghana: Why We Had to Rethink Digital Product Sales Execution Governance, AI Drift, and the Security Paradox of Runtime Enforcement Differential Pair Impedance: Why USB and HDMI Routing Is a Geometry Problem Small AI database questions can become big scans Claude Code 2.1 Agent View & /goal: Autonomous Dev Guide 2026 Your AI database agent should not see every column Rust's Low-Latency Conquest: Why We Ditched C++ for a Treasure Hunt Engine Floating-point will quietly corrupt your emissions math, and 0.1 + 0.2 already warned you Autonomous Agents: what breaks first (and why that's the real product) [2026-05-23] Agent payments are the new cloud bill footgun ORA-00069 오류 원인과 해결 방법 완벽 가이드 How I Built a Local, Multimodal Gemma 4 Visual Regression & Patch Agent: Closed-Loop Validation, Canvas Pixel Diffing, and Reproducible Benchmarks
Docker v29.5.x Operator Upgrade Checklist
Yash Pritwan · 2026-05-23 · via DEV Community

Yash Pritwani

Originally published on TechSaaS Cloud

Originally published on TechSaaS Cloud

Docker v29.5.x Operator Upgrade Checklist

Docker upgrades should not be driven by release headlines. They should be driven by an operator test matrix. That is especially true for v29.x environments where engine behavior, client libraries, BuildKit, Compose, networking, and host security settings can all interact with real workloads.

If your feed says Docker v29.5.2, v29.5.x, or another patch in the same line is ready, do not turn that into a fleet-wide upgrade. Turn it into a canary.

This article deliberately avoids pretending that every patch note can be summarized safely from memory. The useful operator action is stable: test the parts of Docker your production systems depend on before the shared hosts move.

Start With Inventory

Before upgrading, list what actually runs on the hosts:

  • Docker Engine version
  • Docker CLI version
  • Compose plugin version
  • Buildx version
  • storage driver
  • cgroup mode
  • host kernel
  • AppArmor or SELinux mode
  • rootless usage
  • private registries
  • CI jobs that build images

Most upgrade incidents come from assumptions. Inventory removes assumptions.

Canary One Real Stack

Create a canary host or canary VM that matches production closely. Do not test with a hello-world container and call it done.

Run one representative stack:

  • one web container
  • one worker
  • one database or stateful dependency in non-production mode
  • one published port
  • one internal network
  • one bind mount or named volume
  • one health check
  • one image build

Then test startup, restart, log collection, DNS resolution, network connectivity, volume persistence, and graceful shutdown.

Validate Networking

Networking regressions hurt quickly because they look like application failures.

Check:

docker network ls
docker network inspect <network>
docker compose up -d
docker compose exec api getent hosts worker
docker compose exec api curl -fsS http://worker:8080/health

Enter fullscreen mode Exit fullscreen mode

Also test published ports from outside the host. Many teams only test container-to-container traffic and miss host ingress behavior.

Validate Storage And Backups

Storage tests should be boring.

Write data, restart the container, recreate the container, and confirm data remains where expected. Then confirm backups still see the paths they expect.

If your production stack uses bind mounts, test ownership and permissions. If it uses named volumes, test restore procedures. If it uses a database container, test backup hooks before upgrading the host that runs it.

Validate Build And CI

Docker upgrades often affect developers and CI before they affect runtime services.

Run:

docker build .
docker buildx version
docker compose config
docker compose build

Enter fullscreen mode Exit fullscreen mode

If CI uses Docker-in-Docker or remote builders, test those separately. A successful runtime upgrade does not guarantee the build pipeline is safe.

Keep A Rollback Pin

Do not upgrade without knowing how to roll back. Keep the previous package versions, repository pin, and service restart plan ready.

The rollback plan should include:

  • package downgrade command
  • Compose plugin version
  • Buildx plugin version
  • daemon config backup
  • data directory backup decision
  • owner and communication channel

Rollback is not a failure. It is part of the upgrade plan.

Watch The First 24 Hours

The upgrade is not done when the service starts. Watch the first day of real workloads.

Track:

  • container restart count
  • image pull failures
  • DNS lookup failures
  • network timeout rate
  • disk usage
  • log driver behavior
  • build job duration
  • registry auth errors
  • daemon warnings

Compare those numbers with the previous day. A small increase in restart count or build time can be the first signal of a compatibility issue.

Communicate The Change

Developers need to know what changed before their builds fail.

Send a short note:

  • target Docker version
  • affected hosts
  • upgrade window
  • known behavior changes to watch
  • rollback contact
  • how to report build or runtime issues

This is especially important for startups where CI, staging, preview environments, and shared development hosts often depend on the same container toolchain.

Do Not Mix Too Many Changes

Avoid upgrading Docker, Compose, Buildx, host kernel, registry configuration, and application stacks in one maintenance window unless you have no choice. If something breaks, the search space becomes too large.

Make one layer boring before changing the next. Operators win by reducing unknowns.

A Minimal Command Checklist

Keep a short command list in the runbook:

docker version
docker info
docker compose version
docker buildx version
docker network ls
docker volume ls
journalctl -u docker --since "1 hour ago"

Enter fullscreen mode Exit fullscreen mode

Those commands will not catch every issue, but they create a common language for the first triage call.

Service CTA

TechSaaS helps teams run container platforms with practical upgrade, rollback, and observability discipline. If Docker upgrades are risky because the current stack is undocumented, start here: https://techsaas.cloud/services

此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。