32 posts tagged with "Docker"

Testing GitLab CI build pipelines can be a bit annoying. You must make your changes, commit and push them to kick off the CI pipeline. Then you have to wait a while for the result to show up and start over again if something went wrong. If your CI runners are busy, you keep waiting and waiting for the next free slot. Luckily, it is possible to run GitLab CI jobs completely locally. After installing the gitlab-runner package locally, you can execute a job like this:

Besides being big fans of Mark Shust's Docker Configuration for Magento project as I already blogged about, we also love Traefik, the Cloud Native Edge Router. I discovered Traefik years ago and try to use it wherever we can. Depending on the project's goals we either use the open-source version or the enterprise edition. Disclaimer: I am Traefik Ambassador, so I might be a bit biased :)

We are big fans of Mark Shust's Docker Configuration for Magento project. We use a lot of our projects, the ones we start from scratch as well for ones that we have taken over and have some weird setup in place that we simply cannot get to work.

For quite a while I wanted to upgrade the Docker setup for the open-source Force Login module we develop for Magento 2. We were using a very old version of Mark Shust's Docker Configuration for Magento setup. Since there were a lot of changes how things work nowadays, the upgrade was not simple and came with a few side-effects. The latest version of the setup requires Magento to be checkout out locally and to be mounted in the container. If you develop a Magento application that totally makes sense, but for our module, it felt it makes more sense to have the Magento application code in the container as it used to be in the old setup. This led to a bunch of changes that I'll cover below.

When setting up Rancher via its Docker container, you are not able to configure SSL termination out-of-the-box. Instead, the Rancher documentation gives some advice on how to set up SSL termination via nginx or Apache. But why would you install such a service on the host when Rancher is running in a container? Ideally the SSL proxy would also run in a container. Searching on Docker Hub for a solution, I found the dictcp/rancher-ssl image that provides exactly that. The set up is trivial.

We are running Rancher in combination with the in-built load balancer HAProxy. For each of our customers, our application is provided as a single container, many on the same physical server instance. Each of the customers' applications can be accessed via different URLs, so the usage of the HAProxy as the routing component part of the load balancer makes sense.

Linking Docker containers can be done in various ways. In my recent attempt of playing with Docker and our GitLab Review Apps setup, I experimented with different methods to figure out what would work best. These are the different options I played around with:

I wasn't really happy with the current approaches of dealing with different Dockerfiles and docker-compose.yaml files for development and production containers. I don't really see the point of managing multiple configuration files, building a few intermediate containers when the only difference between a development image and a production image is that the code is copied into the image during build. Adding files on every build is also not an ideal solution as you could potentially ship an old version of the application when you miss running a docker build after you made your final changes.

Last year GitLab introduced the Review Apps feature. Review Apps are app environments that are created dynamically every time you push a new branch up to GitLab. As a bonus point the app environments are automatically deleted when the branch is deleted. Since we moved to using docker for quite a few of our projects I was keen on figuring out how to combine Docker and the GitLab Review Apps functionality as the documentation only mentions NGINX as a way to run Review Apps. As it turns out, it is rather simple to deploy docker containers as a Review App.

A few months back I was looking for an HTTP reverse proxy and load balancer to put in front of our Docker setup. By accident I came across traefik. I deployed it on one of our internal servers and it worked out-of-the box. Recently we configured a Docker setup for one of our clients and I picked traefik again. Since this setup will host some public instances the customer demanded SSL encryption. Luckily traefik comes with support for Let's Encrypt built in. I added the needed configuration to the traefik configuration file: