diff --git a/app_go/.dockerignore b/app_go/.dockerignore new file mode 100644 index 0000000000..ecce1be801 --- /dev/null +++ b/app_go/.dockerignore @@ -0,0 +1,2 @@ +*.md +*.png diff --git a/app_go/DOCKER.md b/app_go/DOCKER.md new file mode 100644 index 0000000000..37f7ca0097 --- /dev/null +++ b/app_go/DOCKER.md @@ -0,0 +1,10 @@ +## 1. Best Practices + +1. Designating ENVironment variables via ENV +2. Designating PORT via EXPORT +3. Copying only essential files, not just "COPY . ." + +~~The rest points are in the precondition of the lab, but let's pretend we didn't know and implemented these best practices on our own~~ + +4. Explicit version designation (base image, golang versions) +5. User added to avoid root access diff --git a/app_go/Dockerfile b/app_go/Dockerfile new file mode 100644 index 0000000000..5995e7ea77 --- /dev/null +++ b/app_go/Dockerfile @@ -0,0 +1,21 @@ +FROM golang:1.23.5-alpine3.21 + +# Environment variables +ENV ADMIN_USER="admin" + +# Copy static file directory +COPY static ./static +# Copy python app file +COPY main.go ./ + +# Setup an app user so the container doesn't run as the root user +RUN adduser --system $ADMIN_USER +USER $ADMIN_USER + +# Compile go application +RUN go build -o randomizer main.go + +# Explicitly specify port +EXPOSE 3000 + +CMD ["./randomizer"] diff --git a/app_go/README.md b/app_go/README.md index eb6ebe5c29..ef360eee02 100644 --- a/app_go/README.md +++ b/app_go/README.md @@ -38,3 +38,20 @@ When trying to get the result with conditions unsatisfied, the button will get r ![](images/image2.png) +## Docker + +Building the image: +```bash +docker build -t your_image_name . +``` + +Pulling the image: +```bash +docker pull tjann7/go_random +``` + +Running the image locally ~~if you don't like parameters, good luck finding container's address~~: +```bash +docker run --network="host" go_random +``` + diff --git a/app_go/distroless.dockerfile b/app_go/distroless.dockerfile new file mode 100644 index 0000000000..597aea079f --- /dev/null +++ b/app_go/distroless.dockerfile @@ -0,0 +1,37 @@ +# FROM golang:1.23.5 as build + +# # Environment variables +# ENV ADMIN_USER="admin" + +# WORKDIR /go/src/app +# COPY . . + +# RUN go mod download +# RUN CGO_ENABLED=0 go build -o /go/bin/app + +# # The program will be compiled through this +# FROM gcr.io/distroless/static:nonroot +# COPY --from=build /go/bin/app . + +# # Explicitly specify port +# EXPOSE 3000 + +# CMD ["/app"] + +# In this image we build the binary +FROM golang:1.23 AS build + +WORKDIR /go/src/app +COPY . . + +RUN go mod download +RUN CGO_ENABLED=1 go build -o /go/bin/app + +# Now copy it into our base image. +# We run code in it. +FROM gcr.io/distroless/base-nossl:nonroot +COPY --from=build /go/bin/app / + +EXPOSE 8080 + +CMD ["/app"] diff --git a/app_python/.dockerignore b/app_python/.dockerignore new file mode 100644 index 0000000000..2cadf79410 --- /dev/null +++ b/app_python/.dockerignore @@ -0,0 +1,2 @@ +*.md +*.png \ No newline at end of file diff --git a/app_python/DOCKER.md b/app_python/DOCKER.md new file mode 100644 index 0000000000..38e36e8b0e --- /dev/null +++ b/app_python/DOCKER.md @@ -0,0 +1,10 @@ +## 1. Best Practices + +1. Designating ENVironment variables via ENV +2. Designating PORT via EXPORT +3. Copying only essential files, not just "COPY . ." + +~~The rest points are in the precondition of the lab, but let's pretend we didn't know and implemented these best practices on our own~~ + +4. Explicit version designation (base image, python versions) +5. User added to avoid root access diff --git a/app_python/Dockerfile b/app_python/Dockerfile new file mode 100644 index 0000000000..dea06ce36c --- /dev/null +++ b/app_python/Dockerfile @@ -0,0 +1,22 @@ +FROM python:3.13.1-alpine3.21 + +# Environment variables +ENV ADMIN_USER="admin" + +# Install the application dependencies +COPY requirements.txt ./ +RUN pip install --no-cache-dir -r requirements.txt + +# Copy static file directory +COPY templates ./templates +# Copy python app file +COPY moscow_app.py ./ + +# Setup an app user so the container doesn't run as the root user +RUN adduser --system $ADMIN_USER +USER $ADMIN_USER + +# Explicitly specify port +EXPOSE 5000 + +CMD ["python", "moscow_app.py"] diff --git a/app_python/README.md b/app_python/README.md index d60952bac1..fe69ce0d81 100644 --- a/app_python/README.md +++ b/app_python/README.md @@ -1,19 +1,19 @@ ## Python Flask Moscow timezone Watch -### Repository preparation +## Repository preparation ```bash git clone https://github.com/tjann7/DevOps-Course.git cd DevOps-Course ``` -### Dependencies installation +## Dependencies installation ```bash pip install -r requirements.txt ``` -### Starting the app +## Starting the app In terminal of the project ('of the project' means being in the project directory) execute bash command: python .\app_python\moscow_app.py @@ -27,3 +27,37 @@ Resulting webpage should look like this: ![alt text](./images/image1.png) +## Docker + +Building the image: +```bash +docker build -t your_image_name . +``` + +Output should be similar to this: +![](images/image_docker1.png) + +Pulling the image: +```bash +docker pull tjann7/moscow_time +``` + +Running the image locally ~~if you don't like parameters, good luck finding container's address~~: +```bash +docker run --network="host" moscow_time +``` + +Result of running is as follows: + +![](images/image_docker2.png) + + +# ENDING + +To run distroless: + +```bash +docker build -f distroless.dockerfile -t dless . +docker run dless +``` + diff --git a/app_python/images/image_docker1.png b/app_python/images/image_docker1.png new file mode 100644 index 0000000000..368117f851 Binary files /dev/null and b/app_python/images/image_docker1.png differ diff --git a/app_python/images/image_docker2.png b/app_python/images/image_docker2.png new file mode 100644 index 0000000000..4fadeaaafb Binary files /dev/null and b/app_python/images/image_docker2.png differ