Docker
Useful commands
Build Image
docker build . -t $TAG
# no cache: --no-cache
# build args (like env vars): --build-arg NPM_TOKEN=$NPM_TOKENWith file in monorepo:
docker build -t $TAG -f $FILE --build-arg NAME=value .Check size
# save image
docker save $NAME -o $OUTPUT_FILE.tar
# login to image and run the following:
# root
du -h -s app/ bin/ dev/ etc/ home/ lib/ lib64/ media/ opt/ run/ sbin/ srv/ sys/ tmp/ usr/ var/
# usr
du -h -s bin/ include/ lib libexec/ local/ sbin/ share/
# app
du -h -s apps/ node_modules/ packages/
# by size
du -h | sort -hCheck vulnerabilities
trivy image $TAG --scanners vulnRun Image
# --net=host publishes host network to container, use it only for testing!
docker run --name $NAME -p 8080:8080 --net=host -d $TAG
# stop it with
docker stop $NAMEMonitoring
# images
docker images
# running container
docker ps
# logs
docker logs -f --tail 100 $NAME
# watch running instances
watch docker psClean up (more here)
# Removing unused containers
docker ps --filter status=exited --filter status=dead -q
docker rm $(docker ps --filter=status=exited --filter=status=dead -q)
# Removing dangling images
docker images --filter dangling=true -q
docker rmi $(docker images --filter dangling=true -q)Navigate docker image
docker run -it $TAG shStop all running containers
docker stop $(docker ps -a -q)Remove all containers
docker rm $(docker ps -aq)Dockerfile Best Practices
Use the right Node base image: https://snyk.io/blog/choosing-the-best-node-js-docker-image/
Using dumb-init
# https://github.com/Yelp/dumb-init
RUN apk add dumb-initAvoid calling npm, use instead:
EXPOSE 8080
CMD ["dumb-init", "node", "dist/index.js"]Non user example:
FROM node:10-alpine
RUN mkdir -p /home/node/app/node_modules && chown -R node:node /home/node/app
WORKDIR /home/node/app
COPY package*.json ./
USER node
RUN npm install
COPY --chown=node:node . .
EXPOSE 8080
CMD [ "node", "app.js" ]Docker Compose
Local build:
services:
web:
build:
context: project-root
dockerfile: dockerfile-path
ports:
- "8080:8080"Last updated