Difference between revisions of "Docker Best Practices"
From Gcube Wiki
Manuele.simi (Talk | contribs) |
Manuele.simi (Talk | contribs) |
||
Line 23: | Line 23: | ||
== Use COPY instead of ADD == | == Use COPY instead of ADD == | ||
+ | |||
+ | == Sensitive Information == | ||
+ | Never add passwords, hostnames, externals paths, tokens, and keys into images. Use a <code>.dockerignore</code> file to avoid a hazardous COPY instruction, which pulls in sensitive information from the build context. | ||
== Minimize the Image Size == | == Minimize the Image Size == |
Revision as of 17:23, 14 August 2020
Contents
Docker Repositories
Setting up a DTR or Docker Hub? Single User vs Organization?
Layout of a Docker-enabled Project
Dockerfile
Where to keep the Dockerfile
Base/Composed Images
Which ones we can use? Which repos/organizations do we trust?
Use Metadata Labels
Define the Maintainers
Which Users inside the Image
Define the App Name
Define the WORKDIR
Use COPY instead of ADD
Sensitive Information
Never add passwords, hostnames, externals paths, tokens, and keys into images. Use a .dockerignore
file to avoid a hazardous COPY instruction, which pulls in sensitive information from the build context.
Minimize the Image Size
Build the Image
Tags
Use fixed tags for immutability.