Docker Container Best Practices: Difference between revisions
Jump to navigation
Jump to search
| (17 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
=External= | =External= | ||
* https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux_atomic_host/7/html/getting_started_with_containers/get_started_with_docker_formatted_container_images#creating_docker_images | * https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux_atomic_host/7/html/getting_started_with_containers/get_started_with_docker_formatted_container_images#creating_docker_images | ||
* https://docs.docker.com/develop/dev-best-practices/ | * https://docs.docker.com/develop/dev-best-practices/ | ||
| Line 8: | Line 7: | ||
* https://containerjournal.com/2016/03/21/5-docker-best-practices-follow/ | * https://containerjournal.com/2016/03/21/5-docker-best-practices-follow/ | ||
* https://it.artindustrial.com/2017/09/20/10-best-practices-for-creating-good-docker-images/ | * https://it.artindustrial.com/2017/09/20/10-best-practices-for-creating-good-docker-images/ | ||
* https://developers.redhat.com/blog/2016/02/24/10-things-to-avoid-in-docker-containers | |||
=Internal= | =Internal= | ||
| Line 15: | Line 15: | ||
=Overview= | =Overview= | ||
=Document Images= | =Reference= | ||
* Docker.com Dockerfile best practices: https://docs.docker.com/engine/userguide/eng-image/dockerfile_best-practices | |||
=Best Practices for Creating Images= | |||
{{External|https://docs.openshift.com/container-platform/4.6/openshift_images/create-images.html}} | |||
==Document Images== | |||
{{Internal|Docker Methods to Document Images|Methods to Document Images}} | {{Internal|Docker Methods to Document Images|Methods to Document Images}} | ||
| Line 32: | Line 39: | ||
{{Internal|Java in a Container|Java in a Container}} | {{Internal|Java in a Container|Java in a Container}} | ||
=Fail Early= | |||
Check the environment configuration and fail early in the ENTRYPOINT script: | |||
<syntaxhighlight lang='bash'> | |||
# | |||
# check the environment and fail early, when the container executed for the first time | |||
# | |||
/opt/dsmanager/bin/dsmanager check-configuration || { echo "dsmanager configuration error" 1>&2; exit 1; } | |||
</syntaxhighlight> | |||
<tt>/opt/dsmanager/bin/dsmanager check-configuration</tt> must exit with a non-zero value if the configuration fails. | |||
=Use .dockerignore= | |||
=<font color=darkgray>Use Multistage Builds</font>= | |||
<font color=darkgray>TODO https://docs.docker.com/develop/develop-images/multistage-build/</font> | |||
=To Process= | |||
* Principles of Container-Based Application Design by Bilgin Ibryam https://www.redhat.com/cms/managed-files/cl-cloud-native-container-design-whitepaper-f8808kc-201710-v3-en.pdf | |||
* Ten Layers of Container Security https://www.redhat.com/en/resources/container-security-openshift-cloud-devops-whitepaper | |||
* "Container Design Principles": | |||
** in "Design patterns for container-based distributed systems" https://www.usenix.org/system/files/conference/hotcloud16/hotcloud16_burns.pdf | |||
** in https://www.infoq.com/articles/kubernetes-effect | |||
* O'Reilly Designing Distributed Systems Patterns and Paradigms for Scalable, Reliable Services http://shop.oreilly.com/product/0636920072768.do | |||
* Kubernetes Production Patterns: https://github.com/gravitational/workshop/blob/master/k8sprod.md | |||
* https://www.infoq.com/presentations/docker-dev-prod | |||
Latest revision as of 02:12, 2 January 2021
External
- https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux_atomic_host/7/html/getting_started_with_containers/get_started_with_docker_formatted_container_images#creating_docker_images
- https://docs.docker.com/develop/dev-best-practices/
- https://medium.com/@nagarwal/best-practices-for-working-with-dockerfiles-fb2d22b78186
- http://docs.projectatomic.io/container-best-practices/
- https://containerjournal.com/2016/03/21/5-docker-best-practices-follow/
- https://it.artindustrial.com/2017/09/20/10-best-practices-for-creating-good-docker-images/
- https://developers.redhat.com/blog/2016/02/24/10-things-to-avoid-in-docker-containers
Internal
Overview
Reference
- Docker.com Dockerfile best practices: https://docs.docker.com/engine/userguide/eng-image/dockerfile_best-practices
Best Practices for Creating Images
Document Images
- Logging
- Metrics
- Storage
- Operations
- Upgrades
Java in a Container
Fail Early
Check the environment configuration and fail early in the ENTRYPOINT script:
#
# check the environment and fail early, when the container executed for the first time
#
/opt/dsmanager/bin/dsmanager check-configuration || { echo "dsmanager configuration error" 1>&2; exit 1; }
/opt/dsmanager/bin/dsmanager check-configuration must exit with a non-zero value if the configuration fails.
Use .dockerignore
Use Multistage Builds
TODO https://docs.docker.com/develop/develop-images/multistage-build/
To Process
- Principles of Container-Based Application Design by Bilgin Ibryam https://www.redhat.com/cms/managed-files/cl-cloud-native-container-design-whitepaper-f8808kc-201710-v3-en.pdf
- Ten Layers of Container Security https://www.redhat.com/en/resources/container-security-openshift-cloud-devops-whitepaper
- "Container Design Principles":
- in "Design patterns for container-based distributed systems" https://www.usenix.org/system/files/conference/hotcloud16/hotcloud16_burns.pdf
- in https://www.infoq.com/articles/kubernetes-effect
- O'Reilly Designing Distributed Systems Patterns and Paradigms for Scalable, Reliable Services http://shop.oreilly.com/product/0636920072768.do
- Kubernetes Production Patterns: https://github.com/gravitational/workshop/blob/master/k8sprod.md
- https://www.infoq.com/presentations/docker-dev-prod