Tips

Foreground Process

All process should be foreground. Docker’s lifecycle is tied to PID 1 inside of the container. When that process dies, the container dies.

Init

Because docker is tied to the PID 1, there are additional tasks that need to be handled.

• Process Reaping: If the process spawns subprocess, OS reaps and cleans these orphan processes.
• Signal Problem: Apps don’t handle for SIGTERM. So you need to handle these otherwise Docker will SIGKILL the container.

When you run docker, run it as

docker run -d --init --name app_name image_name

Launch time

1. Docker calls runc. It creates a jail where it changes the root from the system root directory to the docker image; thus anything in the container can’t escape out.

2. The entrypoint and cmd

Entrypoint is the executable to run in the container. CMD is the default argument. If you pass a shell script (entrypoint.sh) to docker which calls node script, the node is a child process. The exec command lets you swap out the shell script with the child process so that the child process becomes the parent process.

3. Dependency Guard (Wait-for)

When the app launches, it may depende on other services coming online. So you need a wait-for-it.sh or dockerize that will poll until they get a ping back and then start your app.

4. Supervisord (Multiple-Process Manager)

If you want to run multiple things in a container which you shouldn’t. It just starts multiple processes and monitors them.

5. Environment “Shims”

When you have a template file for something like nginx.conf.template, and then inject the secrets and environment variables right before the process runs.