docker at digital ocean
TRANSCRIPT
Docker at DigitalOceanTommy Murphy
why
FROM ruby:2.2.0RUN apt-get update -qq && apt-get install -y build-essential libpq-devRUN mkdir /myappWORKDIR /myappADD Gemfile /myapp/GemfileADD Gemfile.lock /myapp/Gemfile.lockRUN bundle installADD . /myapp
FROM ruby:2.2.0
Not supported on https://hub.docker.com/_/ruby/
The following packages will be upgraded: curl dpkg dpkg-dev ghostscript gir1.2-gdkpixbuf-2.0 git git-man krb5-multidev libcups2 libcupsfilters1 libcupsimage2 libcurl3 libcurl3-gnutls libcurl4-openssl-dev libdpkg-perl libexpat1 libexpat1-dev libfreetype6 libfreetype6-dev libgdk-pixbuf2.0-0 libgdk-pixbuf2.0-common libgdk-pixbuf2.0-dev libgnutls-deb0-28 libgs9 libgs9-common libgssapi-krb5-2 libgssrpc4 libicu52 libk5crypto3 libkadm5clnt-mit9 libkadm5srv-mit9 libkdb5-7 libkrb5-3 libkrb5support0 libldap-2.4-2 libmysqlclient-dev libmysqlclient18 libpng12-0 libpng12-dev libpq-dev libpq5 libsasl2-2 libsasl2-modules-db libsqlite3-0 libsqlite3-dev libssl-dev libssl-doc libssl1.0.0 libsvn1 libtasn1-6 libwmf-dev libwmf0.2-7 libxml2 libxml2-dev linux-libc-dev mercurial mercurial-common mysql-common openssh-client openssl perl perl-base perl-modules subversion64 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.Need to get 47.6 MB of archives.After this operation, 199 kB of additional disk space will be used.
FROM ruby:2.2.0
openssl (1.0.1k-3+deb8u2) jessie-security; urgency=medium
* Fix CVE-2015-3194 * Fix CVE-2015-3195 * Fix CVE-2015-3196
-- Kurt Roeckx <[email protected]> Thu, 03 Dec 2015 18:39:46 +0100
openssl (1.0.1k-3+deb8u1) jessie-security; urgency=medium
* Fix CVE-2015-1791 * Fix CVE-2015-1792 * Fix CVE-2015-1789 * Fix CVE-2015-1790 * Fix CVE-2015-1788 * CVE-2015-4000: Have minimum of 768 bit for DH
-- Kurt Roeckx <[email protected]> Thu, 11 Jun 2015 20:55:20 +0200
openssl (1.0.1k-3) unstable; urgency=medium
* Drop patch 0003-Free-up-passed-ASN.1-structure-if-reused.patch, it atleast breaks voms, possibly others. (Closes: #781081)
-- Kurt Roeckx <[email protected]> Tue, 24 Mar 2015 21:34:00 +0100
openssl (1.0.1k-2) unstable; urgency=high
* Fix CVE-2015-0286 * Fix CVE-2015-0287 * Fix CVE-2015-0289 * Fix CVE-2015-0293 (not affected, SSLv2 disabled) * Fix CVE-2015-0209 * Fix CVE-2015-0288 * Remove export ciphers from DEFAULT. * Make DTLS always act as if read_ahead is set. This fixes a regression
introduce by the fix for CVE-2014-3571. (Closes: #775502)
-- Kurt Roeckx <[email protected]> Fri, 20 Mar 2015 18:24:15 +0100
Even supported images might not have the latest updates
FROM ruby:2.2.0
RUN apt-get update -qq && \grep security /etc/apt/sources.list > /tmp/security.list && \apt-get upgrade -y -o Dir::Etc::Sourcelist=/tmp/security.list
FROM ruby:2.2.0RUN apt-get update -qq && apt-get install -y build-essential libpq-devRUN mkdir /myappWORKDIR /myappADD Gemfile /myapp/GemfileADD Gemfile.lock /myapp/Gemfile.lockRUN bundle installADD . /myapp
RUN bundle install
gem 'blah', git: '[email protected]:blah/blah.git', ref: 'adc83b19e793491b1c6ea0fd8b46cd9f32e592fc'
don’t commit secrets.
gem 'blah', git: 'https://<token>:[email protected]/blah/blah.git', ref: 'adc83b19e793491b1c6ea0fd8b46cd9f32e592fc'
ADD ssh-private-key /root/.ssh/
RUN bundle install
● share ssh-agent socket with docker build● bundle install (as developer or CI identity) before build● vendor gems in git
bundle package --all
FROM ruby:2.2.0RUN apt-get update -qq && apt-get install -y build-essential libpq-devRUN mkdir /myappWORKDIR /myappADD Gemfile /myapp/GemfileADD Gemfile.lock /myapp/Gemfile.lockRUN bundle installADD . /myapp
ADD . /myapp
ROOOOOOOT
ADD . /myapp
ROOOOOOOT
FROM ruby:2.2.0RUN apt-get update -qq && apt-get install -y build-essential libpq-devRUN mkdir /myappWORKDIR /myappADD Gemfile /myapp/GemfileADD Gemfile.lock /myapp/Gemfile.lockRUN bundle installADD . /myapp
what to run?myapp_web_1 | [2014-01-17 17:16:29] INFO WEBrick 1.3.1
configuration
environment > file configfigaro, dotenv
development: adapter: mysql2 database: foo username: <%= Config.DATABASE_USERNAME %> password: <%= Config.DATABASE_PASSWORD %> host: <%= Config.DATABASE_HOST %>
test: adapter: mysql2 database: foo_test username: <%= Config.DATABASE_USERNAME %> password: <%= Config.DATABASE_PASSWORD %> host: <%= Config.DATABASE_HOST %>
DNS based values
<region>.do.co
config everythingRedis.new(:host => "10.0.1.1")
Redis.new(:url => "redis://:[email protected]:6380/15")
www.digitalocean.com/company/careers
@tam7t
Thanks!