traefik reverse proxy to non-containerized service

[Traefik/OCI] Exposing Internal Non-Containerized Services with Traefik on OCI: A Step-by-Step Guide

Traefik is a popular reverse proxy that can be used to expose internal containerized services to the public in a simple and intuitive way. However, if you want to expose internal services that are installed and configured directly on the host system instead of containerized, you may encounter some difficulties, particularly when using Oracle Cloud Infrastructure (OCI). This technical post will provide a step-by-step guide on how to expose internal non-containerized services to the public using Traefik on OCI. ...

[Docker/DinD] Empowering Local Development: Simulating Mass Containers and Docker Swarm Nodes with Docker-in-Docker (DinD)

Introduction In the realm of modern software development, the use of containerization has revolutionized the way applications are developed, tested, and deployed. Docker, a popular containerization platform, allows developers to create lightweight and isolated environments known as containers. However, when dealing with scenarios involving multiple containers that require isolated environments, testing and debugging can become quite a challenge. Enter Docker-in-Docker (DinD), a powerful tool that alleviates these pains and streamlines the development process. ...

Illustration: Docker container security - disabling SSH for production environments.

[Dockerfile] How to Prevent Docker Container from SSHing

While SSH is a valuable tool for debugging and testing Docker containers, enabling it in production environments is not recommended due to security concerns. To disable SSH in a Docker container, it’s advisable to remove the SSH server during the image building process. One way to accomplish this is to remove the SSH server during the Docker image building process. For example, if you’re using the alpine base image, you can use the following Dockerfile: ...

[OCI] Error: "iptables failed: iptables --wait -t filter -A DOCKER"

If you encounter the error messages shown below when attempting to run docker-compose up in OCI, a solution to the problem can be found in the following steps: failed to create network traefik_default: Error response from daemon: Failed to program FILTER chain: iptables failed: iptables --wait -I FORWARD -o br-5501386794d6 -j DOCKER: iptables v1.8.4 (legacy): Couldn't load target `DOCKER':No such file or directory Try `iptables -h' or 'iptables --help' for more information. (exit status 2) or ...

[Docker] Configure Custom TLS Certificates for Docker API Using Docker-in-Docker

Hey there! Have you ever wanted to configure custom TLS certificates for Docker API, but didn’t want to mess up your local Docker environment before you’re sure everything is working smoothly? Well, fear not! I’ve got a secret recipe for you that involves using Docker-in-Docker (DinD) to run a temporary Docker container with custom TLS certificates mounted. To get started, let’s say you already have your custom TLS certificates ready in the path `/tmp/certs``. You can run the following command to start a temporary Docker container with custom TLS certificates mounted: ...

[Nginx] Expose specified port for Nginx in Dockerfile

When we build a custom docker image based on nginx docker image, the default lisenting port will be 8080. However, port 8080 is a quite popular, so sometimes I want to give a different port for my service. The below snippet of code is the solution. FROM nginx COPY ./public/ /usr/share/nginx/html EXPOSE 1313 CMD ["/bin/sh", "-c", "sed -i 's/listen .*/listen 1313;/g' /etc/nginx/conf.d/default.conf && exec nginx -g 'daemon off;'"]

Docker Handbook (🚧Continuous Update)

1. Install docker and docker-compose on Ubuntu sudo apt-get update sudo apt install docker.io sudo apt install docker-compose 2. Configure rootless user to run docker sudo groupadd docker sudo usermod -aG docker $USER # Linux user can run below to activate the changes newgrp docker docker ps https://docs.docker.com/engine/install/linux-postinstall/ 3. List and delete images docker images docker iamge ls docker rmi <image_id_1> <image_id_2> 4. Check if the specific docker image exists IMAGE_ID=$(docker images | grep 'portainer/base' | awk '{ print $3 }') if [[ -n ${IMAGE_ID} ]]; then docker rm -f ${IMAGE_ID}; fi 5. Login remote registry # Default is dockerhub. username is docker hub id docker login # Login the specific registry docker login registry.private.com 6. Build image from Dockerfile docker build -t <user>/<repo>:<tag> -f Dockerfile . 7. Push the local image to remote registry docker image push <user>/<repo>:<tag> # Push to the private registry docker push registry.private.com/<repo>:<tag> 8. Add and view the docker volume # add volume docker volume create <volume_name> # view volume docker volume ls sudo ls /var/lib/docker/volumes 9. Check the volume detail docker volume inspect <volume_name> 10. Test docker container service connection with curl ping the http service ...

[Golang] Create Dockerfile for golang app

Containerizing the application is very popular nowadays and it makes the deployment so easy. This post will show how to create a Dockerfile for golang application. There are basically two steps in the Dockerfile: Build the golang program source code Containerize the golang app binary # Build source code FROM golang:1.18-alpine AS build WORKDIR /go/src/github.com/app COPY . . RUN go mod tidy RUN CGO_ENABLED=0 GOOS=linux go build -a -o main . # Containerize the binary FROM alpine COPY --from=build /go/src/github.com/app/main . EXPOSE 3500 CMD ["/main"] Exporting the port 3500 is because golang app listens to 3500. Here is just an example. ...

[Dokku] Command Cheatsheet

A quick reference guide for commonly used Dokku commands. 1. Create and list app # Create app dokku apps:create <app_name> # List app dokku apps:list 2. Set domains # Set app's domain dokku domains:set <app_name> app.example.com # Set global domain dokku domains:set-global example.com 3. Join app to a specific network # List all networks dokku network:list # Add an app to a specific network dokku network:set <app_name> initial-network <target_network> 4. Show the app’s configuration dokku config:show <app_name> 5. Manully restart an app dokku ps:rebuild <app_name> 6. Bind app container to all interface bind to all interfaces (0.0.0.0), so the container can be accessed by external request. However, the host port will be randomly assigned. ...

[Dokku] How to install Dokku with Portainer

We can easily figure out how to set up Dokku by following the instructions on Dokku website. But for me, I like to host services in docker container as it will bring a clearer structure when it comes to host multiple services in a single machine. In this post, I will assume that you already had some idea about what Dokku is. If not, you can find more information here. In the title, I also mentioned another tool called Portainer. Basically it is a management tool of docker container and kubernete cluster with UI. But it is actually much more than that. (I feel I am digging a bit hole while introducing more and more tools). ...

DigitalOcean Referral Badge
Sign up to get $200, 60-day account credit !