What is docker and how do I used it at Hipex?
Docker is a set of techniques to run your application in an isolated environment. Instead of installing dependencies like
openssl globally, they are packaged with your application as a container image. This container is then copied to
the Hipex server and executed.
For the rest of the documentation we assume basic knowledge of the docker concepts. We implemented docker support by creating
a wrapper for the original
docker-compose commands. We further more assume that you are familiar with these
commands. If not please look read the official docs: https://docs.docker.com/get-started/ and https://docs.docker.com/compose/gettingstarted/.
With security as our main priority. the command wrapper prevent the use of certain features. This so you can use docker on the Hipex platform without the risk of breaking the server.
The commands are part of the
Hipex CLI and grouped under the
docker command group:
$ hipex | grep docker
docker-compose commands implemented:
- docker:compose:down Stops containers and removes containers, networks, volumes, and images created by
- docker:compose:exec Execute a command in a running container.
- docker:compose:logs View output from containers.
- docker:compose:restart Restart running containers.
- docker:compose:run Run a one-off command on a service.
- docker:compose:stop Stop running containers without removing them.
- docker:compose:up Builds, (re)creates, starts, and attaches to containers for a service.
docker commands implemented:
- docker:login Log in to a Docker registry.
- docker:ps List containers
- docker:stats Display a live stream of container(s) resource usage statistics
Again for security purposes the
docker-compose.yml options are reduced to a subset of the original
The options allowed are described in the following example file. For a more detailed explanation of the config settings
please have a look at the original documentation https://docs.docker.com/compose/compose-file/.
The supported settings are:
#everything above 3.2 is supported version: "3.2" services: serviceA: # Just string without options image: redis # A string or array command: "echo hoi" container_name: redisA depends_on: - serviceB # A string or array dns: 126.96.36.199 dns_search: example.com domainname: "service-a.com" # A string or array entrypoint: "/bin/entry.sh test" # A string or array env_file: ".env" # Default environment: NODE_ENV: prod # Only host ports between 10000 and 50000 ports: - 10001:80 # Default healthcheck: test: ["CMD", "curl", "-f", "http://localhost"] interval: 1m30s timeout: 10s retries: 3 start_period: 40s # Default extra_hosts: - "service_redis" # Default hostname: service_redis_backend # A string or array networks: internal # Default restart: always # Only anonymous volumes and paths that are both readable and writable by the current user volumes: - "data-serviceA:/data" - "./host-data:/host-data" # An alternative valid service configuration serviceB: image: "elasticsearch" command: - echo - hoi dns: - 188.8.131.52 - 184.108.40.206 dns_search: - dc1.example.com - dc2.example.com entrypoint: - /bin/entry.sh - test network: - internal - external # Without options: volumes: data-serviceA: # Without options: networks: internal: external:
To use private registries. normally
docker login would be used. This command is wrapped under
hipex docker:login and
credentials are stored per ssh user. For more info check out the docker:login command.
When your container volume's need to be backuped you can put them under your domain folder. For example put your elasticsearch
~/domains/example.com/elasticsearch/docker-compose.yml and make a volume mount like this:
# ~/domains/example.com/elasticsearch/docker-compose.yml version: "3.2" services: elasticsearch: image: elasticsearch:7.8.0 restart: "always" volumes: - ./data:/usr/share/elasticsearch/data environment: discovery.type: "single-node" ports: - "19200:9200"
For more info about what is and what is not backuped have a look here.