-
Build 100kB Docker Images from Scratch
📓 The Gist
You may think your 100mB Alpine images are small–but how about 100kB? Smaller images ship more quickly, and contain fewer attack vectors. Moreover, by optimizing images, you discover and isolate exactly what is needed for your app to run.
Let’s Optimize.
There are two key characteristics of scratch-based docker images:
- The Dockerfile has two build stages:
- a builder–which contains all of the build dependencies including source, libraries and tools and..
- a final image, containing the binary and any run-time dependencies (config files, certificates and dynamically linked libraries)
- The final image is
FROM scratch– the empty docker image
With this approach, your run-time image will contain exactly what is needed for your app to run – no additional config files, daemons or libraries that could be misconfigured or exploited.
-
PHP Dev Environment One-Liner
Here’s the fastest way to get your PHP app running. No MAMP, WAMP, apache or any of that nonsense.
Moreover, it allows you to run multiple projects independently.
I’m assuming you have docker.
tl;dr
This runs the php docker image, mounts the current directory, and spins up a server on port 8086
$ docker run -v $(pwd):/www -it -p8086:8086 php:5.6-alpine sh -c "cd www; php -S 0.0.0.0:8086"The Full Version
Create your index.php
$ cat > index.php <html><body><h1><?php print("Hello World!") ?> </h1></body></html> CTRL-DRun the Server
$ docker run -v $(pwd):/www -it -p8086:8086 php:5.6-alpine sh -c "cd www; php -S 0.0.0.0:8086"Test Your Server
$ curl localhost:8086 <html><body><h1>Hello World! </h1></body></html> -
Get Started with Bitcoin Using Docker
Like me, you’re probably more comfortable on a CLI. Here’s a quick way to use docker to set up a Bitcoin Wallet and trade Bitcoin for free on Testnet with Electrum. You can use the same tools to manage your real Bitcoin wallet too.
Setup
Make sure you have Docker for your OS ( Mac, Windows, Linux)
Run the
electrum-clidocker imageElectrum is a python-based Docker wallet with a both a gui and good cli. I’ve put together electrum-cli, a lightweight Alpine-linux Docker image with Electrum signed and installed with jq.
-
Using Custom Docker Images on Bitbucket Build Pipeline
Usually setting up the build dependencies is a major part of each build job. Thankfully, Atlassian’s Bitbucket Pipelines, the new CI platform that integrates into Bitbucket, supports custom docker images.
To configure the build pipeline, you create
bitbucket-pipeline.yml. This one uses our custom image (built below) and triggers builds whenever areleases-*tag is pushed.image: tonymet/tonym.us:latest pipelines: tags: release-*: - step: script: - make sync_down_images - make s3_uploadThat first line is the magic part – you can run ANY public docker image from dockerhub (and private ones as well with further setup).
-
Creating TGZ artifacts from Docker Images to Enable Service Migrations
A common migration pattern when moving to docker includes running some systems (e.g. dev, staging or a prod canary) on your docker image while the production app is still running your traditional tgz artifacts (e.g. your node app with node_modules)
Let’s create a travis build that creates two artifacts: (1) your docker image and (2) a tgz from the docker container.
Let’s assume you have a basic dockerfile with your app.js and a package.json. The key is that the app is built into
/usr/src/app -
Using the AWS EC2 Container Registry with EC2 Container Service
AWS announced recently that it’s EC2 Container Registry (ECR) is now available. ECR simplifies hosting private images. Previously, you had to manually push your docker.io credentials to each EC2 instance – likely a deliberate pain-point encouraging you to use ECR. With ECR, EC2 container hosts can easily fetch private images using IAM authentication.
Here are some of the gotchyas and stumbling blocks to help you get your repository up quickly and painlessly.
Tony Metzidis
Software Developer