Immutable infrastructure
Immutable infrastructure is a security and operations model where components such as servers, containers, and images are never modified after deployment. Instead of patching or reconfiguring live systems, you replace them entirely with new versions.
When using Docker Hardened Images, immutability is a best practice that reinforces the security posture of your software supply chain.
Why immutability matters
Mutable systems are harder to secure and audit. Live patching or manual updates introduce risks such as:
- Configuration drift
- Untracked changes
- Inconsistent environments
- Increased attack surface
Immutable infrastructure solves this by making changes only through controlled, repeatable builds and deployments.
How Docker Hardened Images support immutability
Docker Hardened Images are built to be minimal, locked-down, and non-interactive, which discourages in-place modification. For example:
- Many DHI images exclude shells, package managers, and debugging tools
- DHI images are designed to be scanned and signed before deployment
- DHI users are encouraged to rebuild and redeploy images rather than patch running containers
This design aligns with immutable practices and ensures that:
- Updates go through the CI/CD pipeline
- All changes are versioned and auditable
- Systems can be rolled back or reproduced consistently
Immutable patterns in practice
Some common patterns that leverage immutability include:
- Container replacement: Instead of logging into a container to fix a bug or apply a patch, rebuild the image and redeploy it.
- Infrastructure as Code (IaC): Define your infrastructure and image configurations in version-controlled files.
- Blue/Green or Canary deployments: Roll out new images alongside old ones and gradually shift traffic to the new version.
By combining immutable infrastructure principles with hardened images, you create a predictable and secure deployment workflow that resists tampering and minimizes long-term risk.