22/09/2021

Docker Best Practices Workshop - Presentation

Well, this is the 3rd post in the same month, I didn't do that for a long time! But Q3 2021 has been super productive and many things have been done.

Yesterday, as part of the knowledge share and developer enablement at Camunda, I delivered a Docker Best Practices Workshop which was available for the whole engineering division at Camunda.

What I really liked about this workshop, that everyone told me that they learned something new, even though they have been working with Docker for a pretty long time!

If I have a single piece of advice out of this workshop, it will be ... use the Dockerfile linter, use hadolint! Use it via CLI or integrate it with your IDE (e.g. check VS Code hadolint extension) Also, make it part of your CI pipeline! By using hadolint, you will avoid at least 50% of the Docker issues with your eyes closed!


The first part of the workshop, the presentation recording in HQ (just about 20 min!)

In this workshop, I've covered the following:

Essential Practices

  • Use Dockerfile linter
  • Check Docker language specific best practices
  • Create a single application per Docker image
  • Create configurable ephemeral containers

Image Practices

  • Use optimal base image
  • Pin versions everywhere
  • Create image with the optimal size
  • Use multi-stage whenever possible
  • Avoid any unnecessary files

Security Practices

  • Always use trusted images
  • Never use untrusted resources
  • Never store sensitive data in the image
  • Use a non-root user
  • Scan image vulnerabilities

Misc Practices

  • Leverage Docker build cache
  • Avoid system cache
  • Create a unified image across envs
  • Use ENTRYPOINT with CMD

Finally, here is the hands-on repo, where the best practices will be applied to a simple application: https://github.com/aabouzaid/docker-best-practices-workshop


That's it, enjoy :-)

Powered by Blogger.

Hello, my name is Ahmed AbouZaid, I'm a passionate Tech Lead DevOps Engineer. 👋

With 16+ years of open-source contributions, 12+ years of professional hands-on experience in DevOps, and an M.Sc. in Data Engineering from Edinburgh Napier University (UK), I enjoy facilitating the growth of both businesses and individuals.

I specialize in Cloud-Native and Kubernetes. I'm also a Free/Open source geek and book author. My favorite topics are DevOps transformation, automation, data, and metrics.

Contact Me

Name

Email *

Message *

Start Your DevOps Engineer Journey!

Start Your DevOps Engineer Journey!
Start your DevOps career for free the Agile way in 2024 with the Dynamic DevOps Roadmap ⭐

Latest Post

2023 Highlights

Image generated with Craiyon . Finally, 2023 is over! What a year! One more crazy year, but it was the culmination ...

Popular Posts

Blog Archive