Completek8s Classroomnotes 04/Jul/2023

Docker Instructions Contd

  • Instructions of Dockerfile
    • FROM: This instruction sets the base image. Refer Here for official docs
    • ARG: This instructions defines a variable that can be set while building the image and will be available during image build. Passing the argument can be done using --build-arg <argument-value>. Refer Here for official docs
    • LABEL Refer Here
    • ENV: With this instruction we can set environmental variable during image build as well when container is running. Environmental variables. Refer Here
    • WORKDIR: This instrcution sets the workdir
    • RUN: This is most frequently used command, which does the activity of executing a command for some installation/configuration of your application. Refer Here
    • COPY
    • ADD
    • USER: This instruction is used to specify the user so that all the steps/instructions after this will be executed as the user. USER has to be created before you use this instruction.
    • VOLUME
    • EXPOSE: This is used to inform Docker daemon about listening ports for containers Refer Here
    • CMD: This instruction defines the default process or argument when executing a container. The instructions in CMD can be written in shell form or exec form
      • SHELL FORM: CMD java -jar spc.jar
      • EXEC FORM: CMD ["java", "-jar", "spc.jar"]
    • ENTRYPOINT: This instruction will set which command container will run as executable. Whatever we write in CMD will be arguments to ENTRYPOINT
    • HEALTHCHECK
  • For all instructions Refer Here
  • Docker image is collection of readonly image layers

Build a spring pet clinic application

  • i need java 17 to be installed and i need a spring petclinic jar to be copied
FROM alpine:3.18.2
LABEL author=shaikkhajaibrahim
ARG DOWNLOAD_LOCATION=https://qtapps.s3.us-west-2.amazonaws.com/spring-petclinic-2.4.2.jar
ARG JAVA_PACKAGE=openjdk17-jdk
RUN apk update && \
        apk add ${JAVA_PACKAGE}
RUN wget ${DOWNLOAD_LOCATION}
  • Lets build the image by changing args docker image build -t spc:v1.0 --build-arg "JAVA_PACKAGE=openjdk11-jdk" --build-arg "DOWNLOAD_LOCATION=https://referenceapplicationskhaja.s3.us-west-2.amazonaws.com/spring-petclinic-2.4.2.jar" .
    Preview
  • Lets add an environmental variable in the docker image
FROM alpine:3.18.2
LABEL author=shaikkhajaibrahim
ARG DOWNLOAD_LOCATION=https://qtapps.s3.us-west-2.amazonaws.com/spring-petclinic-2.4.2.jar
ENV JAVA_TEST=hello
ARG JAVA_PACKAGE=openjdk11-jdk
RUN apk update && \
        apk add ${JAVA_PACKAGE} && \
        echo ${JAVA_TEST}
RUN wget ${DOWNLOAD_LOCATION}
  • Lets create a container based on image. Lets change the environmental variables while running the container docker container run -it -e JAVA_TEST=hi spc:v1.0 /bin/sh
    Preview
  • Lets use CMD to start the application when container is started
FROM alpine:3.18.2
LABEL author=shaikkhajaibrahim
ARG DOWNLOAD_LOCATION=https://referenceapplicationskhaja.s3.us-west-2.amazonaws.com/spring-petclinic-2.4.2.jar
ARG JAVA_PACKAGE=openjdk11-jdk
RUN apk update && \
        apk add ${JAVA_PACKAGE} && \
        echo ${JAVA_TEST}
RUN wget ${DOWNLOAD_LOCATION}
CMD ["java", "-jar", "spring-petclinic-2.4.2.jar"]
  • run the container post building the image
    Preview
  • Lets do the same thing in shell form
FROM alpine:3.18.2
LABEL author=shaikkhajaibrahim
ARG DOWNLOAD_LOCATION=https://referenceapplicationskhaja.s3.us-west-2.amazonaws.com/spring-petclinic-2.4.2.jar
ARG JAVA_PACKAGE=openjdk11-jdk
RUN apk update && \
        apk add ${JAVA_PACKAGE} && \
        echo ${JAVA_TEST}
RUN wget ${DOWNLOAD_LOCATION}
CMD java -jar spring-petclinic-2.4.2.jar

Preview
* Docker container will be in running state as long as main process is running
* Lets run the container docker container run -d spc:v1.3 echo hello
Preview
* echo hello has replace our CMD

ENTRYPOINT

  • Dockerfile
FROM alpine:3.18.2
LABEL author=shaikkhajaibrahim
ARG DOWNLOAD_LOCATION=https://referenceapplicationskhaja.s3.us-west-2.amazonaws.com/spring-petclinic-2.4.2.jar
ARG JAVA_PACKAGE=openjdk11-jdk
RUN apk update && \
        apk add ${JAVA_PACKAGE} && \
        echo ${JAVA_TEST}
RUN wget ${DOWNLOAD_LOCATION}
ENTRYPOINT ["java"]
CMD ["-jar", "spring-petclinic-2.4.2.jar"]
  • Lets change this with EXPOSE
* Dockerfile
```Dockerfile
FROM alpine:3.18.2
LABEL author=shaikkhajaibrahim
ARG DOWNLOAD_LOCATION=https://referenceapplicationskhaja.s3.us-west-2.amazonaws.com/spring-petclinic-2.4.2.jar
ARG JAVA_PACKAGE=openjdk11-jdk
RUN apk update && \
        apk add ${JAVA_PACKAGE} && \
        echo ${JAVA_TEST}
RUN wget ${DOWNLOAD_LOCATION}
EXPOSE 8080
ENTRYPOINT ["java"]
CMD ["-jar", "spring-petclinic-2.4.2.jar"]

Preview

Security Concern

  • Never run your applications inside containers as root users, Create a USER and the run app inside container with that user
FROM alpine:3.18.2
LABEL author=shaikkhajaibrahim
ARG DOWNLOAD_LOCATION=https://referenceapplicationskhaja.s3.us-west-2.amazonaws.com/spring-petclinic-2.4.2.jar
ARG JAVA_PACKAGE=openjdk11-jdk
ARG USER=spc
ARG HOME_DIR=/spc
ARG USER_SHELL=/bin/sh
RUN apk update && \
        apk add ${JAVA_PACKAGE} && \
        echo ${JAVA_TEST}
RUN adduser -h ${HOME_DIR} -s ${USER_SHELL} -D ${USER}
USER ${USER}
WORKDIR ${HOME_DIR}
RUN wget ${DOWNLOAD_LOCATION}
EXPOSE 8080
ENTRYPOINT ["java"]
CMD ["-jar", "spring-petclinic-2.4.2.jar"]
  • Now start the container and exec into shell
    Preview

Exercise

  • Run the nop commerce as nop user with workdir as /nop
  • Figure out what HEALTHCHECK instruction is all about.

Published
Categorized as Uncategorized Tagged

By continuous learner

devops & cloud enthusiastic learner

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Please turn AdBlock off
Social Media Icons Powered by Acurax Web Design Company

Discover more from Direct DevOps from Quality Thought

Subscribe now to keep reading and get access to the full archive.

Continue reading

Visit Us On FacebookVisit Us On LinkedinVisit Us On Youtube