There is a web site on Django, on the combat server, I use the uWSGI / Nginx bundle for the launch server, the local development is the Django virtualenv / dev server

I decided to touch the Docker-technology to launch applications and in the process of reading a question appeared.

Is launching a combat site from a Docker image easier than using this method (uWSGI / Nginx)? In addition to launching the site, the project is also being assembled by the webpack on the combat server, the code is minified, some static is converted, etc.

PS I apologize in advance for the definition of "traditional means of launching the site," everyone may have different tastes

    2 answers 2

    Yes. Running is easier. Roughly speaking, everything will be reduced to a single docker run <имя образа> [<дополнительные параметры>] . The host system itself can be "bare" - without any additional utilities, libraries, services - only Docker.

    • In order not to multiply stupid topics, ask a question here. Inside the container to work from the root? All the same, the process is isolated - while1pass
    • one
      I strongly recommend choosing an unprivileged user in the container and further restrict the container to its rights. here you can see my answer about the restriction of container ru.stackoverflow.com/a/610945/215007 - Mikhail Vaysman
    • I read the presentation and immediately misunderstandings. how so? the container is isolated, all processes inside it, meaning to start a user? - while1pass
    • I, perhaps, will finish reading and if I don’t understand something, we will create a separate topic - while1pass

    Immediately I warn you, I'm not a professional. I will give only a general idea, I can be mistaken in something.

    The essence

    Traditionally, you take a server (iron or virtual machine), deploy your website on it, install the necessary dependencies, configure.

    With the docker, you take a clean image (image) of the operating system, do almost everything the same in it, pack it into a new image, send it to a special registry-registry.

    Then, during installation, this image is downloaded from the registry and runs in a virtual machine.

    Virtues

    • Every time you install on a fresh image, you have server-phoenixes, not snowflakes (here you will see a link to Martin Fowler's blog later).
    • The image is created once and used many times. Deployment of the finished image is very fast. You can quickly respond and scale the site (of course, it will need to be configured)
    • Your testers are testing exactly the same thing , which then goes to production, and not something similar.
    • Since the old versions are also stored in the registry, in case of a sudden backup you refuse easily (well, easier than usual)

    disadvantages

    • I will write later with a fresh mind. But they are, they have everything.

    In general, all this concerns not only the docker. Be sure to search and read about 12-factor applications (12-factor applications). (I will add a link here too later)

    • Performance loss on virtualization. what virtualization do you mean? Write to disk can be. - Mikhail Vaysman
    • @MikhailVaysman then I lied after all. ) Thank you for your comment. I will correct later, now too tired. Or you correct, as you see fit, I will not mind. ) - Nick Volynkin