I think that docker is a great technology I have ever met and everyone should learn it. Simply, it is containerization technology. Forgot all dependency issues/errors!! Just focus on the application. Don't worry about your system. If something crashes, just pull and run your images again. That's it!
I am a bit lazy to write a full tutorial. If you know something about me, I like jotting down any problem I faced :) Stay tuned, I will update from time to time.
- Do u wanna run a bash script/or small code as soon as your container start, you can add the ENTRYPOINT [“echo”] to Dockerfile
- It is important to know that’s why our container crashes, but when container crash, every file is gone. If u wanna check the log, mount a volume for the logging.
- Inside the container, do u wanna use (GNU debugger) gdb? Use the following argument:
— cap-add=SYS_PTRACE — security-opt seccomp=unconfined
- Inside the container, you cannot call all system call, there are two options: using -privileged (it doesn’t fit container security). The other option is to check this config file. And add whatever you want to add, and use — security-opt seccomp=profile.json argument.
- Docker-compose is a tool that makes it easier to run apps that require multiple Docker containers.
- Kubernetes automates deployment, scaling, and management of containerized applications.
- Don’t store your keys in the image. You can pass them as an argument.
- The spoofing docker image attack can be occurred, please check and put your image names/tag carefully
- In Docker, the default setting is to allow the container to access all RAM and CPU resources on the host. It is important to set resource quotas, to limit the resources your container can use.
- docker system events shows the general update of the container
- – restart option is so useful, if your container crashes, it restarts automatically
