How to prepare docker for a production?

In order to use Docker on Production, you have to ensure that you can deploy easily, maintain multiple similar services and be ‘reboot proot’

1. Ditch Docker – Pick Compose

Docker compose is a great tool to keep docker as a configuration. You can add multiple dockers that too interlinked in docker-compose.yml file and run it.

2. Reboot proof Containers

There will be unavoidable circumstances when your host provider will reboot your system for scheduled or emergency maintenance. To ensure that containers/services come back online – use a ‘restart’ option. Version 2 and above support restart option.

[code]
version: '3.2'
services:
  web:
    image: nginx
    restart: always
[/code]

3. Avoiding network_mode: hosts

Network mode (network_mode) host ignores the port binding. Whatever port is exposed by the container is exposed from host machine. With multiple containers in a single machine, it is very commanded to have few services with same type – example Nginx serving static files when using docker on production. For this reason, only the first service will be able to start and rest will give port already used error. Thus, avoiding network_mode has hosts should be avoided unless it is absolutely required.

4. Log Management

Logs can become overwhelmingly problematic if not managed. Ensure the format of the log, its location and also check for logrotate service.  An unchecked log file will choke your server. It can disable ssh logins which can be devastating.

[code]
logging:
  options:
    max-size: '12m'
    max-file: '5'
  driver: json-file
[/code]

5. Not everything deserves a Container

It is tempting to have a stateless or portable container. However, some services need a lot of IO read-write and such services are often relying on databases. There can be a huge performance difference when these databases are not in containers.

 

How to truncate docker logs?

Docker logs are organized inside their respective container folders. However, with a single command you can truncate all the docker logs as following:

[code lang="bash"]sudo truncate -s 0 /var/lib/docker/containers/*/*-json.log[/code]

What is the best way to setup latest wordpress blog using docker?

Dream of any developer is to keep things portable and what would be more awesome thank to use Docker for your WordPress post right? I had plenty of hiccups in the setup like permission, portability, port and most annoying of all ssl compatibility.

Assuming that you have already installed docker-compose, you need a compose file as following.


version: '3.2'
services:
  wordpress:
    image: wordpress:5.2.0-php7.3-apache
    restart: always
    volumes:
        - "/etc/passwd:/etc/passwd:ro"
        - "/etc/group:/etc/group:ro"
        - ./wordpress/:/var/www/html/
    ports:
        - 91:80
    environment:
        - WORDPRESS_DB_PASSWORD=pass_is
        - WORDPRESS_TABLE_PREFIX=tb_
        - APACHE_RUN_USER=my_user
        - APACHE_RUN_GROUP=my_group
  mysql:
    image: mysql:5.7
    restart: always
    volumes:
        - type: bind
          source: ./mysql
          target: /var/lib/mysql
    environment:
        - MYSQL_ROOT_PASSWORD=pass_is

Solving the HTTPS – wordpress behind https proxy (ssl)

If you are using nginx behind https, you have to forward proto as https is

proxy_set_header X-Forwarded-Proto https;


server {
    listen 443 ssl;
    server_name yourdomain.com;
    index index.php index.html index.htm;
    ssl_trusted_certificate ./fullchain.pem;
    ssl_certificate ./fullchain.pem;
    ssl_certificate_key ./privkey.pem;
    root /usr/local/nginx/html/;
    location / {
        try_files $uri @app;
    }
    location @app {
        proxy_set_header X-Forwarded-Proto https;
        proxy_pass http://127.0.0.1:8888;
        include .common/proxy.common;
    }
}

Back up your Blog.

sudo docker exec -it _mysql_1 mysqldump -uroot -ppass_id --all-databases > ./mysql-backup/backup.sql

Restore your Blog.

docker exec -i _mysql_1 mysql -uroot -ppass_id < ./backup.sql

Takeaways:

  1. Embedded passwd and group file.
  2. Setting host user and group for folder permission.
  3. We are mounting wordpress folder so that your files can be added to git as well and you can work on wp-config.php without any issues.
  4. MySQL too will have data folder.
  5. You can easily move setup to different server in matters of mins.