[HN Gopher] Heroku-style deployments with Docker and Git tags
___________________________________________________________________
Heroku-style deployments with Docker and Git tags
Author : polyrand
Score : 68 points
Date : 2021-04-25 19:24 UTC (3 hours ago)
(HTM) web link (ricardoanderegg.com)
(TXT) w3m dump (ricardoanderegg.com)
| oweiler wrote:
| Not a huge fan of Kubernetes myself but Deployments solve that
| problem out of the box with much less code.
| nickjj wrote:
| Right and it does it in a way where everything doesn't fall
| apart if your stack is more involved than a web server.
|
| For example, in the author's script wanting to run a background
| worker ramps up the complexity by a lot but with Kubernetes
| this would be adding 1 more deployment and you're done.
|
| For most of my own stuff I just run 1 copy on 1 server and
| configure nginx to queue up requests that fail due to a 502 and
| then release them in the order they were received when the
| back-end is available again. This way you don't have hard down
| time. While your app restarts during a deploy the user only
| gets a busy mouse cursor for a few seconds while your app boots
| up. No load balancer needed. Lua scripts and nginx are a
| powerful combo.
| polyrand wrote:
| I also use Kubernetes at work and somewhat agree with your
| point, but there are a few downsides.
|
| The method I explain in this post takes 5 minutes to set up in
| any VPS, 1 minute if you have a template to copy-paste. You can
| maybe do the same using k3s, but I still think there's more
| complexity involved.
|
| This method also builds the Docker containers in the same VPS,
| so you don't need a container registry or a build server.
|
| I came up with this way of doing things because I was already
| doing all that by hand. Then I learned about git hooks and
| custom remotes and I thought it was a handy way to automate it
| without crossing the k8s line.
|
| I personally find it a lot simpler. If you remove the comments
| and wrap a couple of things in bash functions it's quite
| straightforward.
| merb wrote:
| > k3s, but I still think there's more complexity involved.
|
| which complexitiy do you had with k8s?
|
| > If you remove the comments and wrap a couple of things in
| bash functions it's quite straightforward.
|
| ah yeah...
| nfrankel wrote:
| That's because you don't deal with state
| gravypod wrote:
| If you need persistent state is there much of a difference
| with this approach and a StatefulSet with replicas=1?
| zmmmmm wrote:
| I am curious about the strategy to build the prod container on
| the prod infrastucture.
|
| What level of concern is there about the reproducibility and
| reliability of such builds? I've had docker containers stop
| building due to unknown dependencies disappearing or ageing out.
|
| And then presumably depending what kind of in code base it is,
| you could have some very intensive tasks and / or large
| containers involved in doing that build - which may itself cause
| some degradation of service or require a bigger server than you
| would need just to run the app.
|
| I'd be interested in seeing a version of this that pulled the
| image from a CI/CD container registry - or does that defeat most
| of the purpose?
| lucassen wrote:
| I found caprover to be great for simple web apps. the git push
| and build on prod server feels like a remnant from before proper
| ci/cd with docker built separately was as available.
| rcarmo wrote:
| This gives me a couple of ideas for piku
| (https://github.com/piku)...
| polyrand wrote:
| I love piku! I've never had the chance to use it, but I've read
| a significant part of the code, and its philosophy has
| influenced my approach to devops!
| StavrosK wrote:
| This is very interesting! Is it a Dokku alternative?
|
| I wrote a similar thing yesterday:
|
| https://gitlab.com/stavros/harbormaster
|
| Mine is basically Balena, though, so it lets you deploy a bunch
| of Compose repos and doesn't handle ingress. Maybe I could
| switch to Piku instead.
|
| EDIT: Ah yeah, it looks like Piku is geared towards web servers
| and handles ingress, mine is more geared towards consumer stuff
| and doesn't handle ingress itself.
| safeerm wrote:
| we're working on TinyStacks to solve this - we've built the
| fastest way to deploy and maintain your Docker app on AWS.
|
| In one click, TinyStacks takes your app code on GitHub and spins
| up all the necessary infrastructure with a fully automated
| pipeline - all on your AWS. Just git push.
|
| We just started onboarding a few customers on Fri and would love
| to onboard a few more. Email me: safeer@tinystacks.com
| mgr86 wrote:
| Git push, so it's a post-receive hook? I do the same with my
| deployments. I also like to set up make files because most
| newcomers to the project can grok a makefile. Without having to
| learn a new build tool.
| nickjj wrote:
| In the docker-compose.yml file it has: #
| expose port to localhost too - "8000:8000"
|
| I never used ufw-docker but normal behavior with Docker here
| would publish 8000 to the outside world allowing someone to
| bypass your proxy and directly visit http://example.com:8000.
| Does ufw-docker not do that? The comment hints that they probably
| want to use "127.0.0.1:8000:8000" instead of "8000:8000" to be
| explicit, or at the very least should call out that ufw-docker is
| doing something special to block it because by default using
| 8000:8000 is quite dangerous to use with Docker and iptables.
|
| I'm also curious about this quote:
|
| > Docker does not play well with iptables, so I use ufw-docker to
| set up the firewall.
|
| I never had any issues using iptables with Docker. What doesn't
| play nicely?
___________________________________________________________________
(page generated 2021-04-25 23:00 UTC)