Docker: multi-stage and multi-environment

Transcript

1. Docker: multi-stage and multi-environment

2. Hello! I am Abdala Cerqueira I am here because I

   love to learn and share. 2

3. 3 Thank you!

4. 1. Docker Docker solved one of my biggest issues: dependency

   4

5. Dependencies ▷ Easy to add, hard to remove ▷ Security

   problems ▷ Difficult to manage I don’t like dependencies! 5

6. Install Freedom to install, test and isolate any source code

   in my computer Docker gave me freedom Remove Docker organizes it in a way that is easy to add and delete dependencies safely 6

7. Let’s get hands dirty 7 It’s time to use terminal

8. First part conclusions ▷ No more concerns about dependencies ▷

   Freedom to install and run any source code ▷ It's possible to version almost everything in your machine 8

9. 2. Dockerfile Passion about size and speed 9

10. Dockerfile Problem 1 Keep different Dockerfiles per environment Problem 2

    Send development dependencies to production Problem 3 Create big, huge, immense images. One or two commands may leave images out of control 10

11. 11 Dependencies

12. 12 Dependencies!

13. The last scan in March 11, 2019 13 https://snyk.io/blog/the-top-two-most-popular-docker-base-images-each-have-over-500-vulnerabilities

14. 14 https://snyk.io/blog/take-actions-to-improve-security-in-your-docker-images

15. Checklist ▷ Have only one Dockerfile regardless of the environment

    ▷ Don’t have development dependencies in production ▷ Manage less dependencies ▷ Create small images (< 100MB) 15

16. Examples ▷ Docker in Docker (dind) ▷ Standard Laravel project

    composer create-project laravel/laravel ▷ PHP as Apache module (Horizontal scale) ▷ Pre-downloaded and pre-builded images 16

17. 17

18. Let’s go deeper 18 It’s time to use terminal

19. Checklist ▷ Have only one Dockerfile regardless of the environment

    ▷ Don’t have development dependencies in production ▷ Manage less dependencies ▷ Create small images (< 100MB) 19

20. 20 Multi-stage

21. “ Multi-stage builds are useful to anyone who has struggled

    to optimize Dockerfiles while keeping them easy to read and maintain. 21 https://docs.docker.com/develop/develop-images/multistage-build

22. 22

23. 23

24. 24

25. 25

26. 26

27. Checklist ▷ Have only one Dockerfile regardless of the environment

    ▷ Don’t have development dependencies in production ▷ Manage less dependencies ▷ Create small images (< 100MB) 27

28. 28 Alpine Linux

29. “ Small. Simple. Secure. Alpine Linux is a security-oriented, lightweight

    Linux distribution based on musl libc and busybox. 29 https://alpinelinux.org

30. 30

31. 31

32. 32

33. 33

34. 34

35. Checklist ▷ Have only one Dockerfile regardless of the environment

    ▷ Don’t have development dependencies in production ▷ Manage less dependencies ▷ Create small images (< 100MB) 35

36. This is art! 36

37. Comparing images Base image size Image size Compressed image PHP

    378MB 440MB 158.4M PHP Multi-stage 378MB 430MB 153.2M Ubuntu 88.9MB 252MB 86.9M Alpine 5.53MB 43.3MB 12.6M 37

38. Bonus minidock (minicon, importcon and mergecon) Base image size Image

    size Compressed image Minidock image size Minidock compressed image PHP 378MB 430MB 153.2M 92.5MB 31M Ubuntu 88.9MB 252MB 86.9M 76.7MB 25M Alpine 5.53MB 43.3MB 12.6M - - 38 https://github.com/grycap/minicon

39. 3. CI/CD Build, test and deploy 39

40. 40

41. Talk is cheap 41 It’s time to use terminal

42. Final considerations ▷ Care about security ▷ Care about dependencies

    ▷ Care about size and speed ▷ Automate your processes 42

43. Thanks! Any questions? You can find me at: @abdalac Feedback:

    https:/ /joind.in/talk/3e7bc 43 https://joind.in/talk/3e7bc

44. Credits Special thanks to all the people who made and

    released these awesome resources for free: ▷ Presentation template by SlidesCarnival ▷ Photographs by Unsplash 44