Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Configuring ColdFusion Docker containers throug...

Configuring ColdFusion Docker containers through environment variables

Containers have become the cornerstone of modern development, but hardcoded configurations can complicate deployment and limit their usefulness. There’s no need to lock yourself in to local-only development, clutter your deployment pipeline with multiple configurations, or worst of all … expose secret keys and passwords in your git repos!

Let’s discover together how we can create flexible configurations, distribute our projects reliably and securely among a myriad of environments and throughout our application’s lifecycle. We’ll take a look at the different environment variables used in Docker images for Adobe ColdFusion and Commandbox. We'll inspect how they are used in open source projects like Masa CMS. You'll discover how to create some for your own projects. And we'll discover how to configure them alongside your containers in AWS, GCP and Azure.

Guust Nieuwenhuis

October 04, 2023
Tweet

More Decks by Guust Nieuwenhuis

Other Decks in Technology

Transcript

  1. ABOUT ME Guust Nieuwenhuis Managing Partner @ We Are North

    Full Stack Web Wizard Masa CMS Born in The Netherlands Living in Belgium Football coach Mountainbiker
  2. I. Codebase II. Dependencies III. Config IV. Backing services V.

    Build, release, run VI. Processes VII. Port binding VIII. Concurrency IX. Disposability X. Dev/prod parity XI. Logs XII. Admin processes
  3. I. Codebase II. Dependencies III. Config IV. Backing services V.

    Build, release, run VI. Processes VII. Port binding VIII. Concurrency IX. Disposability X. Dev/prod parity XI. Logs XII. Admin processes
  4. STORE CONFIG IN THE ENVIRONMENT An app’s con fi g

    is everything that is likely to vary between deploys (staging, production, developer environments, etc)
  5. I. Codebase II. Dependencies III. Config IV. Backing services V.

    Build, release, run VI. Processes VII. Port binding VIII. Concurrency IX. Disposability X. Dev/prod parity XI. Logs XII. Admin processes
  6. A VARIABLE WHOSE VALUE IS SET OUTSIDE THE APPLICATION AND

    AFFECTS THE WAY APPLICATIONS BEHAVE Since 1979
  7. $ printenv __CFBundleIdentifier=com.apple.Terminal TMPDIR=/var/folders/39/dlwg4phj09508hq4d8zhrs600000gn/T/ XPC_FLAGS=0x0 LaunchInstanceID=7B6325E4-B6DB-4A0B-8CC9-1FC70EECBAD7 TERM=xterm-256color SSH_AUTH_SOCK=/private/tmp/com.apple.launchd.055kmmIwsv/Listeners SECURITYSESSIONID=186a6 XPC_SERVICE_NAME=0

    TERM_PROGRAM=Apple_Terminal TERM_PROGRAM_VERSION=447 PWD=/Users/guustnieuwenhuis SHLVL=2 SHELL=/bin/zsh HOME=/Users/guustnieuwenhuis LOGNAME=guustnieuwenhuis USER=guustnieuwenhuis PATH=/Users/guustnieuwenhuis/.gem/ruby/3.0.0/bin: OLDPWD=/Users/guustnieuwenhuis LC_CTYPE=UTF-8 _=/usr/bin/printenv
  8. $ docker build -t app --build-arg VERSION=1.0 . [+] Building

    0.0s (5/5) FINISHED => [internal] load .dockerignore => => transferring context: 2B => [internal] load build definition from Dockerfile => => transferring dockerfile: 147B => [internal] load metadata for docker.io/adobecoldfusion/coldfusion:latest => CACHED [1/1] FROM docker.io/adobecoldfusion/coldfusion => exporting to image => => exporting layers => => writing image sha256:5afe3a1890d670e183df27e6a9acc5da23c1e4da9a93c8d09fb957b7351fe59d => => naming to docker.io/library/app
  9. $ docker build -t app --build-arg VERSION=${BITBUCKET_TAG} . [+] Building

    0.0s (5/5) FINISHED => [internal] load .dockerignore => => transferring context: 2B => [internal] load build definition from Dockerfile => => transferring dockerfile: 147B => [internal] load metadata for docker.io/adobecoldfusion/coldfusion:latest => CACHED [1/1] FROM docker.io/adobecoldfusion/coldfusion => exporting to image => => exporting layers => => writing image sha256:5afe3a1890d670e183df27e6a9acc5da23c1e4da9a93c8d09fb957b7351fe59d => => naming to docker.io/library/app
  10. $ docker run -p 80:8500 -e acceptEULA=YES adobecoldfusion/coldfusion Updating webroot

    to /app Configuring virtual directories Skipping password updation Skipping language updation Serial Key: Not Provided Previous Serial Key: Not Provided Starting ColdFusion Starting ColdFusion 2023 server ... ====================================================================== ColdFusion 2023 server has been started. ColdFusion 2023 will write logs to /opt/coldfusion/cfusion/bin/../logs/coldfusion-out.log ======================================================================
  11. $ docker run -p 80:8500 --env acceptEULA=YES adobecoldfusion/coldfusion Updating webroot

    to /app Configuring virtual directories Skipping password updation Skipping language updation Serial Key: Not Provided Previous Serial Key: Not Provided Starting ColdFusion Starting ColdFusion 2023 server ... ====================================================================== ColdFusion 2023 server has been started. ColdFusion 2023 will write logs to /opt/coldfusion/cfusion/bin/../logs/coldfusion-out.log ======================================================================
  12. $ docker run -p 80:8500 --env-file ./.env adobecoldfusion/coldfusion Updating webroot

    to /app Configuring virtual directories Skipping password updation Skipping language updation Serial Key: Not Provided Previous Serial Key: Not Provided Starting ColdFusion Starting ColdFusion 2023 server ... ====================================================================== ColdFusion 2023 server has been started. ColdFusion 2023 will write logs to /opt/coldfusion/cfusion/bin/../logs/coldfusion-out.log ======================================================================
  13. Environment variables precedence 1. Set using docker compose run -e

    in the CLI 2. Substituted from your shell 3. Set using the environment attribute in the Compose file 4. Use of the --env-file argument in the CLI 5. Use of the env_file attribute in the Compose file 6. Set using an .env file placed at base of your project directory 7. Set in a container image in the ENV directive. Having any ARG or ENV setting in a Dockerfile evaluates only if there is no Docker Compose entry for environment, env_file or run --env.
  14. Required ENV Variables: acceptEULA=YES Optional ENV variables: serial=<ColdFusion Serial Key>

    previousSerial=<ColdFusion Previous Serial Key (Upgrade)> password=<Password> enableSecurePro fi le=<true/false(default)> con fi gureExternalSessions=<true/false(default)> externalSessionsHost=<Redis Host (Default:localhost)> externalSessionsPort=<Redis Port (Default:6379)> externalSessionsPassword=<Redis Password (Default:Empty)> con fi gureExternalAddons=<true/false(default)> addonsHost=<Addon Container Host (Default: localhost)> addonsPort=<Addon Container Port (Default: 8993)> addonsUsername=<Solr username (Default: admin)> addonsPassword=<Solr password (Default: admin)> addonsPDFServiceName=<PDF Service Name (Default: addonsContainer)> addonsPDFSSL=<true/false(default)> setupScript=<CFM page to be invoked on startup. Must be present in the webroot, /app> setupScriptDelete=<true/false(default) Auto delete setupScript post execution> language=<ja/en (Default: en)> installModules=<Comma delimited list of modules to be installed by CF Package Manager,accepts 'all' for installing all the available packages> importCFSettings=<A JSON fi le containing the CF Settings to be imported . Must be present in the webroot, /app> importCFSettingsPassphrase=<Passphrase to import CF settings from an encrypted JSON fi le.> importModules=<A text fi le containing packages to be imported. Must be present in the webroot, /app>
  15. <cfabort/> [settings] appreloadkey=appreload mode=production [production] admindir=/admin admindomain= adminemail= adminssl=false allowautoupdates=true

    allowedIndexFiles=index.cfm,index.json,index.html allowlocalfiles=false alwaysUseLocalRenderer=false assetdir=/s3assets assetpath= autodiscoverplugins=true autoresetpasswords=false autoupdateurl=https://github.com/MasaCMS/MasaCMS/archive/main.zip bcryptpasswords=true clientmanagement=false settings.ini.cfm
  16. version: "3.7" services: app: image: adobecoldfusion/coldfusion environment: docker-compose.yml - MURA_ADMIN_USERNAME:

    admin - MURA_ADMIN_PASSWORD: admin - MURA_ADMINEMAIL: [email protected] - MURA_APPRELOADKEY: appreload - MURA_SITEIDINURLS: "true" - MURA_INDEXFILEINURLS: "true" - MURA_DBTYPE: mysql - MURA_DBCONNECTIONSTRING: “jdbc:mysql://masa_mysql:3306/masadb" - MURA_DBCLASS: com.mysql.jdbc.Driver - MURA_DBUSERNAME: root - MURA_DBPASSWORD: rootpassword - MURA_DBHOST: masa_mysql - MURA_DBPORT: 3306
  17. version: "3.7" services: docker-compose.yml mysql: image: mysql:latest environment: MYSQL_ROOT_PASSWORD: rootpassword

    MYSQL_DATABASE: testdb app: image: adobecoldfusion/coldfusion environment: - DBTYPE: mysql - DBCLASS: com.mysql.jdbc.Driver - DBCONNECTIONSTRING: "jdbc:mysql://mysql:3306/testdb" - DBUSERNAME: root - DBPASSWORD: rootpassword
  18. component { this.datasources = { testdb = { driver =

    server.system.environment.DBTYPE, class = server.system.environment.DBCLASS, url = server.system.environment.DBCONNECTIONSTRING, username = server.system.environment.DBUSERNAME, password = server.system.environment.DBPASSWORD } }; } Application.cfc
  19. TaskDefinition: Type: AWS::ECS::TaskDefinition Properties: NetworkMode: 'awsvpc' Cpu: '256' Memory: '512'

    ExecutionRoleArn: !Ref TaskRole TaskRoleArn: !Ref TaskRole RequiresCompatibilities: - FARGATE ContainerDefinitions: - Name: "acfengine" Image: "adobecoldfusion/coldfusion" Environment: - Name: "acceptEULA" Value: "YES" - Name: "serial" Value: "ssm://my.acf.serial" AWS CloudFormation
  20. const containerDefinitionProps: ecs.ContainerDefinitionProps = { image: containerImage, taskDefinition: taskDefinition, environment:

    { acceptEULA: 'YES', }, secrets: { serial: EcsSecret.fromSsmParameter( StringParameter.fromStringParameterAttributes( stack, "serial", { parameterName: `/ecs/ecd/serial`, } ) ), }; AWS CDK