How to deliver docker image to client?

Question

A client wants a docker app delivered. I have two questions regarding best practices.

First, I need to deliver an app with tomcat, a webapp, a database, and some tables. I understand how to set up tomcat and the database, but what do you do with their assets (ie webapp and tables)? Do you include them in the image and then push this to hub.docker.com? If the webapp and database tables are proprietary, how do you deal with that? Do you create a private image and share it somehow?

Second, as the app runs, the database tables may change. As I understand it (and tested), docker containers are stateless so once it's stopped, the data is reset. How do you maintain the same state between restarts? I know you can map folders between the container and host, but do I really ship a separate database folder containing the data and have the docker container map it? What's the best practice here?

Thanks in advance

Edit First of all, thank you to everyone who replied back. Both @RicardoBranco and @kstromeiraos have good suggestions for how to distribute the image. I don't know which the client prefers yet and while I'd like to award both of you the checkmark, SO only allows me to award one answer. So I've upvoted you both and will let the internet decide which answer prevails in the long run.

Second, I'm an idiot. I was using the "docker run" command to "start" my container, which I now realize is creating a new container, making me believe that I had lost all my data from the previous session. It was only after I realized that you should be calling "docker start" to "start" a container that I noticed my mistake in understanding.

Thank you all

Is `webapp` in this case just a war file with the specific client application? Will you be doing this repeatedly for many customers or is it more of a one-time thing? Can you also clarify a bit more about the application (the database type, is there multiple parts to the database (ie. the schema and client data separated)? — Andy Shinn, Jun 13 '17 at 00:38
@AndyShinn Yes, webapp is just war file with specific client application. One-time thing. Mysql DB seeded with schema and data initially. More data may be added during usage — kane, Jun 13 '17 at 00:58
Does this answer your question? [How to share my Docker-Image without using the Docker-Hub?](https://stackoverflow.com/questions/24482822/how-to-share-my-docker-image-without-using-the-docker-hub) — Michael Freidgeim, Mar 21 '20 at 11:52

score 15 · Accepted Answer · answered Jun 13 '17 at 07:28

15

You have two options to distribute the images.
- As @Ricardo Branco said, use a private registry.
- Use docker save to save images to tar files and then, share that with your client whom can use them by loading them using docker load (https://docs.docker.com/engine/reference/commandline/save/).
You should have a volume in which your DB data persists. You can map a host directory.

To backup volumes, take a look to this useful tool which allows you to do that. https://github.com/discordianfish/docker-backup

answered Jun 13 '17 at 07:28

kstromeiraos

4,659
21
26

Do `docker save/load` necessary or `docker export/import` would be enough? – endo64 Nov 17 '21 at 12:00
For those interested to know the difference: [What is the difference between save and export in Docker?](https://stackoverflow.com/a/22656763) – Marcin Orlowski Jan 29 '23 at 09:38

score 6 · Answer 2 · answered Jun 13 '17 at 00:58

You can create a private repository in Docker Hub (or Amazon EC2 Container Registry) or setup a Docker Registry yourself with TLS and some form of user authentation (with TLS client certificate and/or HTTP basic auth):

https://docs.docker.com/registry/

No data is reset when the container is stopped, only when the container (and associated volumes) is removed. Containers are meant to be ephemeral instances of code operating on data (volumes).

score 2 · Answer 3 · answered Jun 13 '17 at 10:02

1) how do you deal with proprietary details ?

While coming to the best-practises of building docker images, you should note that the images should be built with non-root user which helps the other users not to access the data in your webapps/databases.

With respect to sharing of your private images make use of hub.docker.com with private repository or you can use AWS ECR - EC2 Container Registry.

else, you can make use of docker save which will save your image into a tar file which can be shipped.

2) How do you maintain the same state between restarts?

The data will be removed only if the stopped container is removed, else you can use "docker commit" for saving the containers to images. This way you can save all the changes in the container to an image.

I suggest, rather than providing separate for your database, create the same while building the image and make use of it or create a runtime folder and map it to the container while running.

How to deliver docker image to client?

3 Answers3