Docker Container Best Practices: Difference between revisions

From NovaOrdis Knowledge Base
Jump to navigation Jump to search
 
(6 intermediate revisions by the same user not shown)
Line 19: Line 19:
* Docker.com Dockerfile best practices: https://docs.docker.com/engine/userguide/eng-image/dockerfile_best-practices
* Docker.com Dockerfile best practices: https://docs.docker.com/engine/userguide/eng-image/dockerfile_best-practices


=Document Images=
=Best Practices for Creating Images=
{{External|https://docs.openshift.com/container-platform/4.6/openshift_images/create-images.html}}
 
==Document Images==


{{Internal|Docker Methods to Document Images|Methods to Document Images}}
{{Internal|Docker Methods to Document Images|Methods to Document Images}}
Line 49: Line 52:


<tt>/opt/dsmanager/bin/dsmanager check-configuration</tt> must exit with a non-zero value if the configuration fails.
<tt>/opt/dsmanager/bin/dsmanager check-configuration</tt> must exit with a non-zero value if the configuration fails.
=Use .dockerignore=
=<font color=darkgray>Use Multistage Builds</font>=
<font color=darkgray>TODO https://docs.docker.com/develop/develop-images/multistage-build/</font>


=To Process=
=To Process=
Line 54: Line 63:
* Principles of Container-Based Application Design by Bilgin Ibryam https://www.redhat.com/cms/managed-files/cl-cloud-native-container-design-whitepaper-f8808kc-201710-v3-en.pdf
* Principles of Container-Based Application Design by Bilgin Ibryam https://www.redhat.com/cms/managed-files/cl-cloud-native-container-design-whitepaper-f8808kc-201710-v3-en.pdf
* Ten Layers of Container Security https://www.redhat.com/en/resources/container-security-openshift-cloud-devops-whitepaper
* Ten Layers of Container Security https://www.redhat.com/en/resources/container-security-openshift-cloud-devops-whitepaper
* "Container Design Principles" in https://www.infoq.com/articles/kubernetes-effect
* "Container Design Principles":
** in "Design patterns for container-based distributed systems" https://www.usenix.org/system/files/conference/hotcloud16/hotcloud16_burns.pdf
** in https://www.infoq.com/articles/kubernetes-effect
 
* O'Reilly Designing Distributed Systems Patterns and Paradigms for Scalable, Reliable Services http://shop.oreilly.com/product/0636920072768.do
* Kubernetes Production Patterns: https://github.com/gravitational/workshop/blob/master/k8sprod.md
* https://www.infoq.com/presentations/docker-dev-prod

Latest revision as of 02:12, 2 January 2021

External

Internal

Overview

Reference

Best Practices for Creating Images

https://docs.openshift.com/container-platform/4.6/openshift_images/create-images.html

Document Images

Methods to Document Images
  • Logging
  • Metrics
  • Storage
  • Operations
  • Upgrades

Java in a Container

Java in a Container

Fail Early

Check the environment configuration and fail early in the ENTRYPOINT script:

 #
 # check the environment and fail early, when the container executed for the first time
 #
/opt/dsmanager/bin/dsmanager check-configuration || { echo "dsmanager configuration error" 1>&2; exit 1; }

/opt/dsmanager/bin/dsmanager check-configuration must exit with a non-zero value if the configuration fails.

Use .dockerignore

Use Multistage Builds

TODO https://docs.docker.com/develop/develop-images/multistage-build/

To Process