Dockerfile great practices for Beginners

What we know about Dockerfile

We know that the Dockerfile is like a recipe file where we can specify things like the OS image to base it on, what libraries should be installed, environment variables, commands we want to run and much more. Everything is there, specified in the file, it’s super clear what you are getting. It’s a really great advancement from the days where things just worked on our machine or when we spent hours or days installing things - It’s progress.

Our Dockerfile sample

We’ve created a Dockerfile to give you an idea of what it can look like. Let’s discuss the various parts of the file to better understand it. Here goes:

// Dockerfile
FROM node:latest

WORKDIR /app

COPY . .

RUN npm install

EXPOSE 3000

ENTRYPOINT ["node", "app.js"]

This is a pretty typical looking file. We select an OS image, set a working directory, copy the files we need, install some libraries, opens up a port and finally runs the applications. So what’s wrong with that?

OS image size

At first glance, everything looks the way we expect but at a close look, we can see that we are using node:latest as an image. Let’s try to build this into a Docker image with the command:

docker build -t optimize/node .

Ok, let’s now run docker images to see our image and get some more stats on it:

It weighs in at 899 MB
Ok, we have nothing to compare with but let’s change the image to one called node:alpine and rebuild our image:

77.7 MB, WOW!!! That’s a huge difference, our Docker image is ten times smaller. Why is that?

This image is based on the Alpine Linux Project
in general the Alpine Linux images are much smaller than normal distributions. It comes with some limitations, have a read here. In general it’s a safe choice though.

The cache

For every command you specify in the Dockerfile it creates another image layer. What Docker does, however, is to first check the cache to see whether an existing layer can be reused before trying to create one.

When we come to instructions like ADD and COPY we should know how they operate in the context of the cache. For both of these commands, Docker calculates a checksum for each file and stores that in the cache. Upon a new build of the Docker images, each checksum is compared and if it differs, due to a change in the file, it recalculates the checksum and carries out the command. At this point, it creates a new image layer.

Order matters

The way Docker operates is to try to reuse as much as possible. The best thing we can do is to place the instructions, in the Dockerfile, from the least likely to change to the most likely to change.

What does that mean?

Let’s look at the top of our Dockerfile:

FROM node:alpine

WORKDIR /app

Here we can see that the FROM command happens first followed by WORKDIR. Both these commands are not likely to change os they are correctly placed at the top.

What is likely to change though?

Well, you are building an application so the source files of your app, or libraries you realize you might suddenly need, like a npm install, makes sense to place as further down in the file.

What do we gain by doing this?

Speed, we gain speed when we build our Docker image and we’ve placed the commands as efficiently as possible. So in summary ADD, COPY, RUn are commands that should happen later in the Dockerfile.

Minimize the layers

Every command you enter creates a new image layer. Ensure you keep the number of commands to a minimum. Group them if you can. Instead of writing:

RUN command
RUN command2

Organize them like so:

RUN command && \
    command2

Include only what you need

When you build an app. It easily consist of a ton of files but when it comes to what you actually need to create your Docker image it ends up being a smaller number of files. If you create a .dockerignore file you can define patterns that ensure that when we include files, we only get the ones we need, for our container.

Define a start script

Wether you use the command CMD or ENTRYPOINT, you should NOT call the application directly like so node app.js. Instead, try to define a starter script like this npm start.

Why you ask?

We want to make sure we are flexible and unlikely to change this instruction. We might actually end up changing how we start our app by us gradually adding flags to it like so node app.js --env=dev --seed=true. You get the idea, it’s a moving target potentially. However by us relying on npm start, a startup script, we get something more flexible.

Use LABEL

Using the command LABEL is a great way to describe your Dockerfile better. You could use it to organize the files, help with automation and potential use cases, you know best what information makes sense to put there, but it exists to support you in bringing order to all your images so leverage it to your advantage. A labels value is a key-value pair like so LABEL [key]-[value]. Every label command can have multiple labels. In fact that it’s considered to collect all your labels under one label command. You can do so by separating each key-value pair with a space character or like so:

LABEL key=value \
      key2=value2

Rely on default ports with EXPOSE

EXPOSE is what you use to open up ports on the container. To ensure we can talk to the container on that port we can use the -p command in conjunction with Docker run docker run -p [external]: [exposed docker port]. It’s considered best practice to set the exposed port to the default ports used by what you are using like port 80 for an apache server and 27017 if you have a Mongo DB database etc.

Be explicit, use COPY over ADD

At first glance it looks like COPY and ADD does the same thing but there is a difference. ADD is able to extract TAR files as well, which COPY can’t do. So be explicit and use COPY when you mean to copy files and ensure to only use ADD when you mean to use something feature specific like the mentioned TAR extraction.

Summary

There are many more best practices to follow when it comes to Dockerfile but the biggest gain I’ve mentioned throughout this post is the one on using the smallest image possible like alpine. It can make wonders for your image size, especially if the storage size is something you pay for.

Have a read in Dockerfile best practices docs for more great tips

#docker #devops

What is GEEK

Buddha Community

Dockerfile great practices for Beginners

Samanta Moore

1621213140

7 Great Resources for Java Beginners

“Learning never exhausts the mind.”

This historic saying by Leonardo Da Vinci made sense to me when I started learning Java programming language.

Reason? A lot of them!

To begin with, the Java programming language is easy enough to learn and has the greatest impact on the industry. So the question arises: “which course to choose to learn Java?”

This blog is full of information that you need as a newbie learner or aspiring Java programmer. Let’s start by listing the _best Java practical courses _you can choose from.

Practical Java Courses for Beginners

One of the main obstacles for a beginner is finding the best course that can benefit you. With dozens of online resources available, it’s quite hard to make a choice. In this part of the article, I’ll introduce you some really helpful online portals that provide the best java learning experience.

#java #learning-to-code #learn-java #java-programming #online-courses #learn-to-code #beginners #tutorial-for-beginners

Sival Alethea

1624312800

Learn Java 8 - Full Tutorial for Beginners. DO NOT MISS!!!

Learn Java 8 and object oriented programming with this complete Java course for beginners.
⭐️Contents ⭐️

⌨️ (0:00:00) 1 - Basic Java keywords explained
⌨️ (0:21:59) 2 - Basic Java keywords explained - Coding Session
⌨️ (0:35:45) 3 - Basic Java keywords explained - Debriefing
⌨️ (0:43:41) 4 - Packages, import statements, instance members, default constructor
⌨️ (0:59:01) 5 - Access and non-access modifiers
⌨️ (1:11:59) 6 - Tools: IntelliJ Idea, Junit, Maven
⌨️ (1:22:53) 7 - If/else statements and booleans
⌨️ (1:42:20) 8 - Loops: for, while and do while loop
⌨️ (1:56:57) 9 - For each loop and arrays
⌨️ (2:14:21) 10 - Arrays and enums
⌨️ (2:41:37) 11 - Enums and switch statement
⌨️ (3:07:21) 12 - Switch statement cont.
⌨️ (3:20:39) 13 - Logging using slf4j and logback
⌨️ (3:51:19) 14 - Public static void main
⌨️ (4:11:35) 15 - Checked and Unchecked Exceptions
⌨️ (5:05:36) 16 - Interfaces
⌨️ (5:46:54) 17 - Inheritance
⌨️ (6:20:20) 18 - Java Object finalize() method
⌨️ (6:36:57) 19 - Object clone method. [No lesson 20]
⌨️ (7:16:04) 21 - Number ranges, autoboxing, and more
⌨️ (7:53:00) 22 - HashCode and Equals
⌨️ (8:38:16) 23 - Java Collections
⌨️ (9:01:12) 24 - ArrayList
📺 The video in this post was made by freeCodeCamp.org
The origin of the article: https://www.youtube.com/watch?v=grEKMHGYyns&list=PLWKjhJtqVAblfum5WiQblKPwIbqYXkDoC&index=9
🔥 If you’re a beginner. I believe the article below will be useful to you ☞ What You Should Know Before Investing in Cryptocurrency - For Beginner
⭐ ⭐ ⭐The project is of interest to the community. Join to Get free ‘GEEK coin’ (GEEKCASH coin)!
☞ **-----CLICK HERE-----**⭐ ⭐ ⭐
Thanks for visiting and watching! Please don’t forget to leave a like, comment and share!

#java #java 8 #learn java 8 #learn java 8 - full tutorial for beginners #beginners #java course for beginners.

Sival Alethea

1624305600

Full Ethical Hacking Course - Network Penetration Testing for Beginners (2019)

Learn network penetration testing / ethical hacking in this full tutorial course for beginners. This course teaches everything you need to know to get started with ethical hacking and penetration testing. You will learn the practical skills necessary to work in the field. Throughout the course, we will develop our own Active Directory lab in Windows, make it vulnerable, hack it, and patch it. We’ll cover the red and blue sides. We’ll also cover some of the boring stuff like report writing :).
⭐️ Course Contents ⭐️
⌨️ (0:00) - Course Introduction/whoami
⌨️ (6:12) - Part 1: Introduction, Notekeeping, and Introductory Linux
⌨️ (1:43:45) - Part 2: Python 101
⌨️ (3:10:05) - Part 3: Python 102 (Building a Terrible Port Scanner)
⌨️ (4:23:14) - Part 4: Passive OSINT
⌨️ (5:41:41) - Part 5: Scanning Tools & Tactics
⌨️ (6:56:42) - Part 6: Enumeration
⌨️ (8:31:22) - Part 7: Exploitation, Shells, and Some Credential Stuffing
⌨️ (9:57:15) - Part 8: Building an AD Lab, LLMNR Poisoning, and NTLMv2 Cracking with Hashcat
⌨️ (11:13:20) - Part 9: NTLM Relay, Token Impersonation, Pass the Hash, PsExec, and more
⌨️ (12:40:46) - Part 10: MS17-010, GPP/cPasswords, and Kerberoasting
⌨️ (13:32:33) - Part 11: File Transfers, Pivoting, Report Writing, and Career Advice

📺 The video in this post was made by freeCodeCamp.org
The origin of the article: https://www.youtube.com/watch?v=3Kq1MIfTWCE&list=PLWKjhJtqVAblfum5WiQblKPwIbqYXkDoC&index=6
🔺 DISCLAIMER: The article is for information sharing. The content of this video is solely the opinions of the speaker who is not a licensed financial advisor or registered investment advisor. Not investment advice or legal advice.
Cryptocurrency trading is VERY risky. Make sure you understand these risks and that you are responsible for what you do with your money
🔥 If you’re a beginner. I believe the article below will be useful to you ☞ What You Should Know Before Investing in Cryptocurrency - For Beginner
⭐ ⭐ ⭐The project is of interest to the community. Join to Get free ‘GEEK coin’ (GEEKCASH coin)!
☞ **-----CLICK HERE-----**⭐ ⭐ ⭐
Thanks for visiting and watching! Please don’t forget to leave a like, comment and share!

#ethical hacking #network penetration testing #full ethical hacking course - network penetration testing for beginners #beginners #full ethical hacking course #network penetration testing for beginners

Joseph Murray

1621511340

Minimum Java Knowledge Requirements for Your First Coding Job

What does a potential Java junior need to know to get their first job or even qualify for a trainee position in a good company? What tools will help a Java programmer reach the next level? Which technologies should you study, and which ones are better to hold off on?

There is no standard answer to these questions, just as there is no single action plan that would suit absolutely everyone. Some companies are striving for development, constantly introducing new technologies and testing the capabilities of new versions of the language, while others stubbornly cling to old ones. There are also middle options, and perhaps these are most of them.

I get asked this question so often that I decided to write an article that I can then refer to in order to answer it. In addition, it will be useful not only to those who ask me personally but also to everyone who has already decided (or did not decide in any way) to connect their lives with Java programming.

#java #java-development-resources #java-development #learn-to-code #learning-to-code #beginners #tutorial-for-beginners #beginners-to-coding

Hayden Kerr

1572233852