deploy nodejs on docker

How many…are using Docker in production?

are using Docker in development?are here to see if Docker is the right tool for them?

#DesertCodeCamp @wfbutton

In this session:• Docker best practices • Deploying node.js • Creating Docker resources • Performance optimizing • Repeatable


http://bit.ly/dcc-docker


https://github.com/nodejs/docker-node/blob/master/docs/BestPractices.md


Our humble Dockerfile

• Actually called “Dockerfile”

• In the same directory as our code


…gets a Nodejs versionfrom node:4.4.7


Run as non-root

Limit exposure when compromised


…gets a userfrom node:4.4.7

RUN useradd --user-group --create-home --shell /bin/false nodejs


…gets and a homefrom node:4.4.7


ENV HOME=/home/nodejs


…gets a production envfrom node:4.4.7


ENV HOME=/home/nodejs ENV NODE_ENV=production


docker-compose

• Defines our container

• services, networks, volumes


docker-compose.ymlapp: mem_limit: 300m memswap_limit: 1g



build: .



build: .

ports: - '3000:3000'



build: .

ports: - ‘3000:3000’

volumes: - .:/home/nodejs/app

back to the Dockerfilefrom node:4.4.7



USER nodejs

CMD ["node", "server.js"]

This isn’t bad, and it will work… but we can improve it!


What if…I copied these into the container?


As a matter of fact…• it will create the node_modules folder

• thanks to Docker caching and build layers, if package.json and npm-shrinkwrap.json don’t change:

• the layer gets re-used

• Result: faster deploys because you don’t have to wait for npm install to run


there is a catch…from node:4.4.7



COPY package.json npm-shrinkwrap.json $HOME/app/ RUN chown -R nodejs:nodejs $HOME/* USER nodejs RUN npm install

CMD ["node", "server.js"]



build: .

ports: - ‘3000:3000’

volumes: - .:/home/nodejs/app - /home/nodejs/app/node_modules


docker-compose build


How’d we do?We set our environment variables in the Dockerfile.


How’d we do?We created a user ‘nodejs’ and launch our app with it.


How’d we do?We limited the memory and swap on our container to

prevent it from stealing resources.#DesertCodeCamp @wfbutton

How’d we do?We created our start command inside the container.


Test-drivedocker-compose up


Remember the .:/home?

• The dot is a local reference.

• On a remote server you can’t reference local folders

• Use a file system reference local to the Docker host


Going further

• Deploy script reduces deployments to a single command

• While simple to start, they can grow with your needs

• Imagine new developer on-boarding


Hey new guy,clone the repo and type ‘npm deploy’


The Keys to the CastleDon’t be ridiculous, we’re not doing that…


https://www.docker.com/sites/default/files/RA_CI%20with%20Docker_08.25.2015.pdf

or just Google “deploy

Docker with Jenkins”


Testing

• Sadly, still an area where Docker needs work

• Bundle test suite (and test data) into image

• Rely on external integration style tests for validation


• Goal of using best practices • Pinned version • non-root user • environment variables • memory limits

• Caching layers for performance • Locally vs. Remote Deploys • Single command deployments • Automated deployments • Testing


Try it out. Use the repo as a basic starter kit.

If it works, awesome! If it doesn’t, fail fast!


deploy nodejs on docker

Software