Docker-Compose improvements
After checking up the current docker-compose.yaml, there seems to have room for improvements:
-
Add restart: unless-stopped
to each container : Almost none of the containers are actually automatically restarted after a crash or a reboot. furthermore, I prefer usingunless-stopped
instead ofalways
because it allows containers to be temporarily manually stopped if needed. See related merge-request -
Change containers port binding (!4 (merged)) : All containers are currently binding ports like this:
pkm:
image: gitlab.ow2.org:4567/decoder/pkm-api/pkm:${PKM_IMAGE_TAG}
[...]
ports:
- "8080:8080"
This is problematic, there should not be any need to bind one port to each container on all host interfaces, at least it should only bind on localhost (e.g. 127.0.0.1:8080:8080
), but I even think it should not even be required to bind these ports at all (if I understand enough of it), because they are only used by the reverse-proxy, as we see it in the nginx vhost configuration file
-
The compose file contains image names with a variabilized tag, (e.g.I understand know that variables are defined in this config file. This file is sourced by decoder-eu start script. The script seems to be very well written, but I have no confidence in a script containingimage: gitlab.ow2.org:4567/decoder/pkm-api/pkm:${PKM_IMAGE_TAG}
), but these variables are not defined. Furthermore, there is not much of a choice in PKM registry, each image has only two tags (master and master-build, I don't know the difference). Either set the tag asmaster
, or don't set it at all (equivalent tolatest
), no ?rm -rf $variable
. The project should make the compose file able to be run without the script, or at least contains documentation in order to use the docker-compose.yml file without the script (!5 (merged)). -
A custom MongoDB image is built for the project, what does it offer, compared to the official MongoDB image (which is more actively maintained btw) ? After a quick look, the custom image doesn't seems to be special. Shouldn't we switch to the official image ? -
The Hard-coded reverse-proxy, is an issue to me. This is custom made for the compose actually used in production on the Decoder server. Anyone wishing to use this project, may want to have a better, more customizable and maintained reverse-proxy. And I think we may want to have that as well, without having to maintain this custom made docker image. Traefik, is a reverse-proxy made for this type of project, and I think that migrating the whole to Traefik is doable and would be a great advantage to Decoder project.