They are all based around Docker related files (Dockerfile, docker-compose.yml and .dockerignore):
https://nickjanetakis.com/blog/best-practices-when-it-comes-to-writing-docker-related-files
What are some of your Docker best practices?
Answers to your questions
They are all based around Docker related files (Dockerfile, docker-compose.yml and .dockerignore):
https://nickjanetakis.com/blog/best-practices-when-it-comes-to-writing-docker-related-files
What are some of your Docker best practices?
What is the reason for this one?
>Use Alpine as a base image unless you can’t due to technical reasons
I tend to use CentOS as a base because it’s what I’m most familiar with. Are there technical reasons for using Alpine over anything else? Does this only apply to using Docker for a specific purpose?
Just a few off my head:
* Explicit > Implicit
* Don’t forward database ports (or at least only on “secure” network interfaces)
* Use entrypoints for any application that relies on another service.
* Be wary of data persistence.
* Be wary of naming conflicts and shared files when using multiple docker compose instances.
* Bloat matters, no need to stick dev libs in a production-ready image.
If alpine is the best practice, i must be using it wrong. I have had major problems with the dns randomly failing when doing things like connecting to databases or other external services. Anyone else have this issue?
i stay away from alpine and also from certain applications in docker. always weird stuff happens while on a bare vm it stays solid for months
Nice.. I wish I knew more about docker running on hyperv and what that does for performance!
Good post, though I don’t know if I’d say using Alpine is a best practice. More precisely, keep your base image as lean as possible. If I were going to use a slim base image I’d also consider the Google slim images.
Another thing worth mentioning is using multi-stage builds where possible. It can have a HUGE impact on your final file size and make your containers much easier to maintain.
Til: stop using alpine
Beware: you should never use $PWD unless you’re sure you always run docker-compose on the DOCKER_HOST. Whenever you are using the client/server functionality of docker, this no longer works correctly (unless you also deploy the files you are referring to on the host itself.
\> Include a curl driven HEALTHCHECK (if it makes sense)
Why not use wget? Curl isn’t shipped with Alpine by default
\> Stick to the \[\] syntax when supplying your CMD instructions
Why not just write the plain command? The \[\] syntax only seems to clutter the picture
\> Use $PWD instead of . for when you need the current directory’s path
Why?