Docker Container Best Practices: Difference between revisions
Jump to navigation
Jump to search
(7 intermediate revisions by the same user not shown) | |||
Line 19: | Line 19: | ||
* Docker.com Dockerfile best practices: https://docs.docker.com/engine/userguide/eng-image/dockerfile_best-practices | * Docker.com Dockerfile best practices: https://docs.docker.com/engine/userguide/eng-image/dockerfile_best-practices | ||
=Document Images= | =Best Practices for Creating Images= | ||
{{External|https://docs.openshift.com/container-platform/4.6/openshift_images/create-images.html}} | |||
==Document Images== | |||
{{Internal|Docker Methods to Document Images|Methods to Document Images}} | {{Internal|Docker Methods to Document Images|Methods to Document Images}} | ||
Line 49: | Line 52: | ||
<tt>/opt/dsmanager/bin/dsmanager check-configuration</tt> must exit with a non-zero value if the configuration fails. | <tt>/opt/dsmanager/bin/dsmanager check-configuration</tt> must exit with a non-zero value if the configuration fails. | ||
=Use .dockerignore= | |||
=<font color=darkgray>Use Multistage Builds</font>= | |||
<font color=darkgray>TODO https://docs.docker.com/develop/develop-images/multistage-build/</font> | |||
=To Process= | =To Process= | ||
Line 54: | Line 63: | ||
* Principles of Container-Based Application Design by Bilgin Ibryam https://www.redhat.com/cms/managed-files/cl-cloud-native-container-design-whitepaper-f8808kc-201710-v3-en.pdf | * Principles of Container-Based Application Design by Bilgin Ibryam https://www.redhat.com/cms/managed-files/cl-cloud-native-container-design-whitepaper-f8808kc-201710-v3-en.pdf | ||
* Ten Layers of Container Security https://www.redhat.com/en/resources/container-security-openshift-cloud-devops-whitepaper | * Ten Layers of Container Security https://www.redhat.com/en/resources/container-security-openshift-cloud-devops-whitepaper | ||
* "Container Design Principles": | |||
** in "Design patterns for container-based distributed systems" https://www.usenix.org/system/files/conference/hotcloud16/hotcloud16_burns.pdf | |||
** in https://www.infoq.com/articles/kubernetes-effect | |||
* O'Reilly Designing Distributed Systems Patterns and Paradigms for Scalable, Reliable Services http://shop.oreilly.com/product/0636920072768.do | |||
* Kubernetes Production Patterns: https://github.com/gravitational/workshop/blob/master/k8sprod.md | |||
* https://www.infoq.com/presentations/docker-dev-prod |
Latest revision as of 02:12, 2 January 2021
External
- https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux_atomic_host/7/html/getting_started_with_containers/get_started_with_docker_formatted_container_images#creating_docker_images
- https://docs.docker.com/develop/dev-best-practices/
- https://medium.com/@nagarwal/best-practices-for-working-with-dockerfiles-fb2d22b78186
- http://docs.projectatomic.io/container-best-practices/
- https://containerjournal.com/2016/03/21/5-docker-best-practices-follow/
- https://it.artindustrial.com/2017/09/20/10-best-practices-for-creating-good-docker-images/
- https://developers.redhat.com/blog/2016/02/24/10-things-to-avoid-in-docker-containers
Internal
Overview
Reference
- Docker.com Dockerfile best practices: https://docs.docker.com/engine/userguide/eng-image/dockerfile_best-practices
Best Practices for Creating Images
Document Images
- Logging
- Metrics
- Storage
- Operations
- Upgrades
Java in a Container
Fail Early
Check the environment configuration and fail early in the ENTRYPOINT script:
#
# check the environment and fail early, when the container executed for the first time
#
/opt/dsmanager/bin/dsmanager check-configuration || { echo "dsmanager configuration error" 1>&2; exit 1; }
/opt/dsmanager/bin/dsmanager check-configuration must exit with a non-zero value if the configuration fails.
Use .dockerignore
Use Multistage Builds
TODO https://docs.docker.com/develop/develop-images/multistage-build/
To Process
- Principles of Container-Based Application Design by Bilgin Ibryam https://www.redhat.com/cms/managed-files/cl-cloud-native-container-design-whitepaper-f8808kc-201710-v3-en.pdf
- Ten Layers of Container Security https://www.redhat.com/en/resources/container-security-openshift-cloud-devops-whitepaper
- "Container Design Principles":
- in "Design patterns for container-based distributed systems" https://www.usenix.org/system/files/conference/hotcloud16/hotcloud16_burns.pdf
- in https://www.infoq.com/articles/kubernetes-effect
- O'Reilly Designing Distributed Systems Patterns and Paradigms for Scalable, Reliable Services http://shop.oreilly.com/product/0636920072768.do
- Kubernetes Production Patterns: https://github.com/gravitational/workshop/blob/master/k8sprod.md
- https://www.infoq.com/presentations/docker-dev-prod