Skip to main content

Docker

These are docker guidelines that are a MUST for every development:

  • Docker support consists in 4 kind of files: compose.local.yaml (for local development), compose.dev.yaml (for development infrastructure), compose.test.yaml (for test infrastructure), compose.yaml (for production infrastructure)
  • In local compose we use the build keyword; In others we use image keyword only, with related tag prefixes (dev, test, none x prod)
  • With every environment comes an env file, this is done to avoid making errors in productions
  • Loading env file (dotenv.load_dotenv) is not needed because it's loaded using env_file keyword (remember adding to .dockerignore to avoid sensible information leaking)
  • Pinning version in composes of used images it's good because we can get environments exactly as we expect in development
  • Creating a .dockerignore file allow us to reduce images size, avoid info leaking
  • Order in Dockerfile instructions matter, it can reduce the builds time
  • All docker support files are stored in "docker" folder
  • Provide healthcheck for services (es. PostgresDB, endpoint for webapp)
  • It's preferred to use local mount instead of volumes because we can easily get the content from devops
  • To build images that have private dependencies, we need to pass a token as argument (WIP)
  • Use a proper container name with development name and code (ex. 123_geocoding)
  • When a service has a external exposed port, we declare in ports keyword; When it's only for internal use, we declare in expose keyword
  • In test, dev and prod for webapp services it's convenient to set the restart policy to always. Instead for scheduled process (those with IaC) it's recomendeed the on-failure:<num_of_retries> value to avoid continuos restarting
  • IaC files (ex. scheduling files) can be stored in "iac" folder, and need to observe this guide
  • Continuous Development it's handy to update code in different environments, we set by adding "cloud.eagleprojects.autocd.enable=true" in label list keyword
  • Never use priviledged keyword, because of security reasons
  • PORT RULES(WIP)

For further documentations, look here

No Comments
Back to top