Currently Iâm planning to dockerize some web applications but I didnât find a reasonably easy way do create the images to be hosted in my repository so I can pull them on my server.
What I currently have is:
- A local computer with a directory where the application that I want to dockerize is located
- A âdocker serverâ running Portainer without shell/ssh access
- A place where I can upload/host the Docker images and where I can pull the images from on the âDocker serverâ
- Basic knowledge on how to write the needed
Dockerfile
What I now need is a sane way to build the images WITHOUT setting up a fully featured Docker environment on the local computer.
Ideally something where I can build the images and upload them but without that something âlittering Docker-related files all over my systemâ.
Something like a VM that resets on every start maybe? So ⊠build the image, upload to repository, close the terminal window, and forget that anything ever happened.
What is YOUR solution to create and upload Docker images in a clean and sane way?
I use portainer, and when I deploy an image, I write a short bash script for it.
- stop the image if running
- pull the image
- run the image
This lets me easily do updates. I have a script for each image I run, itâs less than a dozen. Theyâre all from public repositories.
VM with a docker build environment.
As for âlitteringâ, a simple docker system prune -f after a build gets rid of most of it.
I use podman, and the standalone tool âbuildahâ can build images from dockerfiles, and the tool âskopeoâ can upload it to an image repository.
For the littering part, just type crontab -e and add the following line:
@daily docker system prune -a -f
You shouldnât need sudo to run docker, just can create a docker group and add your user to it. This will give you the steps on how to run docker without sudo.
Edit: as pointed out below, please make sure that youâre comfortable with giving these permissions to the user youâre adding to the docker group.
run docker without sudo.
Doing that, you effectively give the user account root access without password
docker run --volume /etc:/host_etc debian /bin/bash -> can read/write anything below the hostâs /etc directory, including shadow file, etc.
Careful this will also delete your unused volumes (not attached to a running container because it is stopped for whatever reason counts as unused). For this reason alone, always use bind mounts for volumes you care about.
Genuinely curious, what would the advantages be?
Also, what if the Linux distro does not have systemd?
I was just making a meme dude. Personally, I like systemd, itâs more complicated to learn, I ended up reading books to really learn it properly. Thereâs 100% nothing wrong with cron.
One of the reasons I like timers is journalctl integration. I can see everything in one place. Small thing.
The chances I am going to manage a linux distro without systemd are low, but some systems (arch for example) donât have cron out of the box.
Not that big of a deal since itâs easy to translate them all, but thatâs one of the reasons why I default to systemd/timer units.
I build, configure, and deploy them with nix flakes for maximum reproducibility. Itâs the way you should be doing it for archival purposes. With this tech, you can rebuild any docker image identically to todayâs in 100 years.
https://youtu.be/0uixRE8xlbY?si=NIIFyzRhXDmcU8Kh
and hereâs a link to a blog post, showing how to create a docker image and rust dev environment.
https://johns.codes/blog/rust-enviorment-and-docker-build-with-nix-flakes
