Kevin Simper, profile picture
Uploaded byKevin Simper
182 views

Docker Best Practices in development and Production

The document outlines best practices for using Docker in development and production environments, emphasizing the importance of using official images, multi-stage builds, and running containers with read-only files and security options such as seccomp. It covers the use of Docker Compose for managing services, networking configurations, and resource limits. Additionally, it highlights key features like service discovery, seamless integration with CI/CD pipelines, and handling of secrets securely.

Embed presentation

Download to read offline
Docker Best Practices Development and Production 1 / 44
Why should you be serious about using it 2 / 44
development: 3 / 44
docker-compose 4 / 44
version: "3" services: app: build: ./app 5 / 44
bring up in 1 command 6 / 44
run as another user 7 / 44
image size 8 / 44
multi-stage builds 9 / 44
FROM gcr.io/connectedcars-staging/connectedcars-node:9.3 as builder ARG GITHUB_AT WORKDIR /app RUN apt-get update && apt-get install -y mysql-client ADD . /app RUN yarn global add node-gyp RUN yarn ENV NODE_ENV production RUN npm run compile RUN rm -rf node_modules && yarn FROM gcr.io/connectedcars-staging/connectedcars-node-production:9.3 ENV NODE_ENV production WORKDIR /app EXPOSE 9000 COPY --from=builder /app . CMD npm run production 10 / 44
use official images 11 / 44
create your own base images 12 / 44
don't use latest, use git sha images are mutable 13 / 44
Continues Integration 14 / 44
Google Cloud Builder 15 / 44
Google Container Registry 16 / 44
overlay network multiple networks 17 / 44
version: "3" services: proxy: build: ./proxy networks: - frontend app: build: ./app networks: - frontend - backend db: image: postgres networks: - backend networks: frontend: backend: 18 / 44
docker volumes 19 / 44
version: "3" services: db: image: db volumes: - data-volume:/var/lib/db backup: image: backup-service volumes: - data-volume:/var/lib/backup/data volumes: data-volume: 20 / 44
service discovery 21 / 44
version: "3" services: app: build: ./app db: image: db 22 / 44
limits? 23 / 44
version: '3' services: redis: image: myapp deploy: resources: limits: cpus: '0.50' memory: 500M reservations: cpus: '0.25' memory: 200M 24 / 44
Kubernetes for development? 25 / 44
# deployment.yaml apiVersion: apps/v1 kind: Deployment metadata: name: kevin-myapp spec: selector: matchLabels: app: kevin-myapp replicas: 2 # tells deployment to run 2 pods matching the template template: # create pods using pod definition in this template metadata: labels: app: kevin-myapp spec: containers: - name: kevin-myapp image: gcr.io/dd-decaf-cfbf6/kevin-myapp:latest ports: - containerPort: 8000 26 / 44
production: 27 / 44
secrets should be files 28 / 44
docker run -v $(pwd)/secrets/db.json:/secrets/db.json myapp 29 / 44
run as read-only 30 / 44
docker run -d -p 80:80 --read-only nginx 31 / 44
seccomp / apparmour 32 / 44
33 / 44
gvisor Google Container Runtime Sandbox 34 / 44
35 / 44
36 / 44
37 / 44
Jessie Franzelle https://blog.jessfraz.com/post/containers-security-and-echo-chambers/ 38 / 44
$ docker run --rm -it --security-opt seccomp=/path/to/seccomp/profile.json hello-world 39 / 44
demo seccomp https://docs.docker.com/engine/security/seccomp/#significant-syscalls-blocked-by-the- default-profile https://raw.githubusercontent.com/moby/moby/master/profiles/seccomp/default.json 40 / 44
Connected Cars 41 / 44
Startup, Serverless... 42 / 44
Summary bring up in 1 command read-only secrets as files seccomp is power full 43 / 44
kevin.simper@gmail.com @kevinsimper 44 / 44

More Related Content

PDF
There is-no-snapshot
byOle Christian Langfjæran
 
PDF
Criando pipelines de entrega contínua multilinguagem com Docker e Jenkins
byCamilo Ribeiro
 
PDF
server side Swift
byNormanSutorius
 
PPTX
Unlimited Staging Environments on Kubernetes
byErik Osterman
 
PDF
Concourse CI Meetup Demo
byToshiaki Maki
 
PDF
Heroku and Rails Applications
byAndreas Sotnik
 
PDF
Dockerize Spago Self Contained ML & NLP Library & Deploy on Okteto Cloud Usin...
bysangam biradar
 
PDF
Getting to Angular 2
byJennifer Bourey
 
There is-no-snapshot
byOle Christian Langfjæran
 
Criando pipelines de entrega contínua multilinguagem com Docker e Jenkins
byCamilo Ribeiro
 
server side Swift
byNormanSutorius
 
Unlimited Staging Environments on Kubernetes
byErik Osterman
 
Concourse CI Meetup Demo
byToshiaki Maki
 
Heroku and Rails Applications
byAndreas Sotnik
 
Dockerize Spago Self Contained ML & NLP Library & Deploy on Okteto Cloud Usin...
bysangam biradar
 
Getting to Angular 2
byJennifer Bourey
 

What's hot

PPTX
Introduction to Jenkins X
byFaithlin Paul
 
PDF
Capedwarf
byJonathan Franchesco Torres Baca
 
PDF
Jenkins X Hands-on - automated CI/CD solution for cloud native applications o...
byTed Won
 
PDF
Happy Helming With Okteto
bysangam biradar
 
PDF
New Features Webinar-April
byCodefresh
 
PDF
Front matter: Next Level Front End Deployments on OpenShift
byLance Ball
 
PDF
Hot deployments with distillery
byJeffrey Chan
 
PDF
Зоопарк React-у
byStfalcon Meetups
 
PPTX
React native development with expo
bySangSun Park
 
PDF
OSCONF - April 2021 - Run GitHub Actions Locally with nektos/act and Docker
byGaurav Gahlot
 
PDF
Seamless Continuous Deployment Using Docker Containers
byFaiz Bashir
 
PDF
2016 05-cloudsoft-amp-and-brooklyn-new
byBradDesAulniers2
 
PDF
Introduction of cloud native CI/CD on kubernetes
byKyohei Mizumoto
 
PDF
Angboard
byRichard Jones
 
PPTX
Microsoft azure pipeline + Docker + Amazon s3 + Jekyll + github
byTarun Jangra
 
PPTX
Ultimate Productivity Tools
byAmal Dev
 
PDF
2013-03-07 indie developer toolkit
byCocoaHeads Tricity
 
PDF
Deploy With Codefresh to Kubernetes in 3 steps
byJenny Passi
 
PDF
Gitflow Workflow
byHean Hong Leong
 
PDF
DMCA #25: Jenkins - Docker & Android: Comment Docker peu faciliter la créatio...
byOlivier Destrebecq
 
Introduction to Jenkins X
byFaithlin Paul
 
Capedwarf
byJonathan Franchesco Torres Baca
 
Jenkins X Hands-on - automated CI/CD solution for cloud native applications o...
byTed Won
 
Happy Helming With Okteto
bysangam biradar
 
New Features Webinar-April
byCodefresh
 
Front matter: Next Level Front End Deployments on OpenShift
byLance Ball
 
Hot deployments with distillery
byJeffrey Chan
 
Зоопарк React-у
byStfalcon Meetups
 
React native development with expo
bySangSun Park
 
OSCONF - April 2021 - Run GitHub Actions Locally with nektos/act and Docker
byGaurav Gahlot
 
Seamless Continuous Deployment Using Docker Containers
byFaiz Bashir
 
2016 05-cloudsoft-amp-and-brooklyn-new
byBradDesAulniers2
 
Introduction of cloud native CI/CD on kubernetes
byKyohei Mizumoto
 
Angboard
byRichard Jones
 
Microsoft azure pipeline + Docker + Amazon s3 + Jekyll + github
byTarun Jangra
 
Ultimate Productivity Tools
byAmal Dev
 
2013-03-07 indie developer toolkit
byCocoaHeads Tricity
 
Deploy With Codefresh to Kubernetes in 3 steps
byJenny Passi
 
Gitflow Workflow
byHean Hong Leong
 
DMCA #25: Jenkins - Docker & Android: Comment Docker peu faciliter la créatio...
byOlivier Destrebecq
 

Similar to Docker Best Practices in development and Production

PPTX
DockerCon 15 Keynote - Day 2
byDocker, Inc.
 
PDF
Journey to Docker Production: Evolving Your Infrastructure and Processes - Br...
byDocker, Inc.
 
PDF
Docker in Production: How RightScale Delivers Cloud Applications
byRightScale
 
PDF
Docker introduction
byJulien Maitrehenry
 
PDF
Webinar: From Development to Production with Docker and MongoDB
byMongoDB
 
PPTX
Real World Experience of Running Docker in Development and Production
byBen Hall
 
PDF
ContainerDays Boston 2015: "Continuous Delivery with Containers" (Nick Gauthier)
byDynamicInfraDays
 
PDF
Container Days
byPatrick Mizer
 
PDF
ContainerDays NYC 2015: "Easing Your Way Into Docker: Lessons From a Journey ...
byDynamicInfraDays
 
PDF
Best Practices for Developing & Deploying Java Applications with Docker
byEric Smalling
 
PDF
Docker: do's and don'ts
byPaolo Tonin
 
PDF
Dockercon 23 - Getting started with Docker
byssuserfb6acb
 
PDF
Killer Docker Workflows for Development
byChris Tankersley
 
PDF
ContainerDayVietnam2016: Dockerize a small business
byDocker-Hanoi
 
PDF
All Things Containers - Docker, Kubernetes, Helm, Istio, GitOps and more
byAll Things Open
 
PDF
Docker's Jérôme Petazzoni: Best Practices in Dev to Production Parity for Con...
byHeavybit
 
PDF
Docker primer and tips
bySamuel Chow
 
PDF
From development environments to production deployments with Docker, Compose,...
byJérôme Petazzoni
 
PPTX
From Docker to Production - ZendCon 2016
byChris Tankersley
 
ODP
Dockerfiles & Best Practices
byAvash Mulmi
 
DockerCon 15 Keynote - Day 2
byDocker, Inc.
 
Journey to Docker Production: Evolving Your Infrastructure and Processes - Br...
byDocker, Inc.
 
Docker in Production: How RightScale Delivers Cloud Applications
byRightScale
 
Docker introduction
byJulien Maitrehenry
 
Webinar: From Development to Production with Docker and MongoDB
byMongoDB
 
Real World Experience of Running Docker in Development and Production
byBen Hall
 
ContainerDays Boston 2015: "Continuous Delivery with Containers" (Nick Gauthier)
byDynamicInfraDays
 
Container Days
byPatrick Mizer
 
ContainerDays NYC 2015: "Easing Your Way Into Docker: Lessons From a Journey ...
byDynamicInfraDays
 
Best Practices for Developing & Deploying Java Applications with Docker
byEric Smalling
 
Docker: do's and don'ts
byPaolo Tonin
 
Dockercon 23 - Getting started with Docker
byssuserfb6acb
 
Killer Docker Workflows for Development
byChris Tankersley
 
ContainerDayVietnam2016: Dockerize a small business
byDocker-Hanoi
 
All Things Containers - Docker, Kubernetes, Helm, Istio, GitOps and more
byAll Things Open
 
Docker's Jérôme Petazzoni: Best Practices in Dev to Production Parity for Con...
byHeavybit
 
Docker primer and tips
bySamuel Chow
 
From development environments to production deployments with Docker, Compose,...
byJérôme Petazzoni
 
From Docker to Production - ZendCon 2016
byChris Tankersley
 
Dockerfiles & Best Practices
byAvash Mulmi
 

More from Kevin Simper

PDF
Why is my build times so long?
byKevin Simper
 
PDF
Building a game with WebVR
byKevin Simper
 
PDF
How to create a CV
byKevin Simper
 
PDF
Building P2P in the browser for zero cost
byKevin Simper
 
PDF
How Kubernetes allows your Startup to scale
byKevin Simper
 
PDF
Contributing Open-Source workshop
byKevin Simper
 
PDF
WebVR is now accessible
byKevin Simper
 
PDF
Kubernetes at Google Cloud Community Copenhagen
byKevin Simper
 
PDF
Making Docker and Kubernetes a success at your Company
byKevin Simper
 
PDF
Hack4dk presentation
byKevin Simper
 
Why is my build times so long?
byKevin Simper
 
Building a game with WebVR
byKevin Simper
 
How to create a CV
byKevin Simper
 
Building P2P in the browser for zero cost
byKevin Simper
 
How Kubernetes allows your Startup to scale
byKevin Simper
 
Contributing Open-Source workshop
byKevin Simper
 
WebVR is now accessible
byKevin Simper
 
Kubernetes at Google Cloud Community Copenhagen
byKevin Simper
 
Making Docker and Kubernetes a success at your Company
byKevin Simper
 
Hack4dk presentation
byKevin Simper
 

Recently uploaded

PDF
Cybersecurity Prevention and Detection: Unit 2
byVICTOR MAESTRE RAMIREZ
 
PDF
"DISC as GPS for team leaders: how to lead a team from storming to performing...
byFwdays
 
PPTX
Leon Brands - Intro to GPU Occlusion (Graphics Programming Conference 2024)
byleonbrands1998
 
PDF
[BDD 2025 - Artificial Intelligence] AI for the Underdogs: Innovation for Sma...
byWintari Yasmin
 
PDF
[BDD 2025 - Full-Stack Development] Digital Accessibility: Why Developers nee...
bywintari3
 
PDF
Transforming Content Operations in the Age of AI
byEnterprise Knowledge
 
PDF
[BDD 2025 - Artificial Intelligence] Building AI Systems That Users (and Comp...
byWintari Yasmin
 
PDF
Accessibility & Inclusion: What Comes Next. Presentation of the Digital Acces...
byAssociazione Digital Days
 
PPTX
MuleSoft AI Series : Introduction to MCP
byMulesoftMunichMeetup
 
PDF
Cloud Infrastructure monitoring with Grafana Cloud
byImma Valls Bernaus
 
PPTX
kernel PPT (Explanation of Windows Kernal).pptx
byINFOBYTES1
 
PPTX
Leon Brands - Methodical GPU Profiling (Graphics Programming Conference 2025)
byleonbrands1998
 
PDF
Mastering Agentic Orchestration with UiPath Maestro | Hands on Workshop
byUiPathCommunity
 
PDF
[BDD 2025 - Mobile Development] Exploring Apple’s On-Device FoundationModels
byWintari Yasmin
 
PDF
The Evolving Role of the CEO in the Age of AI
byPipal Tree Services Executive Search Firm
 
PDF
Lets Build a Serverless Function with Kiro
byChris Bingham
 
PDF
How Much Does It Cost to Build an eCommerce Website in 2025.pdf
byPixlogix Infotech
 
PDF
PCCC25(設立25年記念PCクラスタシンポジウム):富士通株式会社 テーマ2「AI Computing Broker: Make your GPUs ...
byPC Cluster Consortium
 
PDF
PCCC25(設立25年記念PCクラスタシンポジウム):エヌビディア合同会社 テーマ2「NVIDIA BlueField-4 DPU」
byPC Cluster Consortium
 
PDF
[BDD 2025 - Full-Stack Development] Agentic AI Architecture: Redefining Syste...
byWintari Yasmin
 
Cybersecurity Prevention and Detection: Unit 2
byVICTOR MAESTRE RAMIREZ
 
"DISC as GPS for team leaders: how to lead a team from storming to performing...
byFwdays
 
Leon Brands - Intro to GPU Occlusion (Graphics Programming Conference 2024)
byleonbrands1998
 
[BDD 2025 - Artificial Intelligence] AI for the Underdogs: Innovation for Sma...
byWintari Yasmin
 
[BDD 2025 - Full-Stack Development] Digital Accessibility: Why Developers nee...
bywintari3
 
Transforming Content Operations in the Age of AI
byEnterprise Knowledge
 
[BDD 2025 - Artificial Intelligence] Building AI Systems That Users (and Comp...
byWintari Yasmin
 
Accessibility & Inclusion: What Comes Next. Presentation of the Digital Acces...
byAssociazione Digital Days
 
MuleSoft AI Series : Introduction to MCP
byMulesoftMunichMeetup
 
Cloud Infrastructure monitoring with Grafana Cloud
byImma Valls Bernaus
 
kernel PPT (Explanation of Windows Kernal).pptx
byINFOBYTES1
 
Leon Brands - Methodical GPU Profiling (Graphics Programming Conference 2025)
byleonbrands1998
 
Mastering Agentic Orchestration with UiPath Maestro | Hands on Workshop
byUiPathCommunity
 
[BDD 2025 - Mobile Development] Exploring Apple’s On-Device FoundationModels
byWintari Yasmin
 
The Evolving Role of the CEO in the Age of AI
byPipal Tree Services Executive Search Firm
 
Lets Build a Serverless Function with Kiro
byChris Bingham
 
How Much Does It Cost to Build an eCommerce Website in 2025.pdf
byPixlogix Infotech
 
PCCC25(設立25年記念PCクラスタシンポジウム):富士通株式会社 テーマ2「AI Computing Broker: Make your GPUs ...
byPC Cluster Consortium
 
PCCC25(設立25年記念PCクラスタシンポジウム):エヌビディア合同会社 テーマ2「NVIDIA BlueField-4 DPU」
byPC Cluster Consortium
 
[BDD 2025 - Full-Stack Development] Agentic AI Architecture: Redefining Syste...
byWintari Yasmin
 

Docker Best Practices in development and Production