Difference between revisions of "Docker Best Practices"

From Gcube Wiki
Jump to: navigation, search
(What to Package)
 
(One intermediate revision by the same user not shown)
Line 1: Line 1:
=== Base and Composed Images =
+
= Base and Composed Images =
  
 
Never build or compose from a <code>latest</code> tag.  
 
Never build or compose from a <code>latest</code> tag.  
Line 25: Line 25:
 
What do we put inside a Docker image.
 
What do we put inside a Docker image.
  
 +
 +
= Stubs =
 +
Sample stub for a service's Dockerfile:
 +
<pre>
 +
FROM tomcat:8.0-jre8
 +
ADD /my-web-app.war /usr/local/tomcat/webapps/
 +
CMD ["catalina.sh", "run"]
 +
</pre>
  
 
''Back to the [[Docker_Guide_for_gCube_Users | Docker guide]].''
 
''Back to the [[Docker_Guide_for_gCube_Users | Docker guide]].''
  
 
[[Category:Docker]]
 
[[Category:Docker]]

Latest revision as of 20:52, 16 August 2020

Base and Composed Images

Never build or compose from a latest tag.

Dockerfile

Use Metadata Labels

Define the Maintainers

Which Users inside the Image

Define the App Name

Define the WORKDIR

Use COPY instead of ADD

Sensitive Information

Never add passwords, hostnames, externals paths, tokens, and keys into images. Use a .dockerignore file to avoid a hazardous COPY instruction, which pulls in sensitive information from the build context.

Minimize the Image Size

What to Package

What do we put inside a Docker image.


Stubs

Sample stub for a service's Dockerfile:

FROM tomcat:8.0-jre8
ADD /my-web-app.war /usr/local/tomcat/webapps/
CMD ["catalina.sh", "run"]

Back to the Docker guide.