In the first iteration we successfully Dockerized a real Emory web app (WebEase) and we created a simplistic Tomcat8 base image. Our next goals are to improve the base image to be something we'd more realistically like to use like JBoss with SSL/TLS and such and research how best to get logs off the running containers.
- Create one or more realistic app server base images (Leads: Alex Tudor, Mike Lewis)
- Create one or more realistic web server base images (Leads: Alex Tudor, Mike Lewis)
- Research methods for getting all relevant app server logs off the container and into existing log viewing/archiving repositories (Leads: Paul Petersen, Kevin Chen)
- Develop a firewall framework to allow commonly used backend resources in a secure way (Lead: Paul Petersen)
- Create a diagram of the Docker POC SDLC (Lead: Alex Tudor)
- Create a diagram of the Docker POC Network (Lead: Alex Tudor)
- Mike and Alex used the week familiarizing themselves with the Docker image build process. They agreed to continue their work for the next Iteration. They agreed to work towards having Dockerfiles for app servers and web servers for review in our next meeting.
- John, Kevin, and Paul went over their research. They proposed the use of the Docker log-drivers as the best approach. For the next meeting, they will work to:
- Propose a set of log files to be sent to central logging - the goal is to see whether we can provide enough information in the logs that SSH access to the container will not be required
- Further troubleshoot the central logging servers to determine why the container ID is being stripped from the message
- Experiment with other logging drivers
- The group spent several minutes discussing firewall rules, but in the end we decided to dedicate more time in the next meeting to discuss.
Potential Next Steps
- Create Dockerfiles for an Emory app server - Mike & Alex
- Create Dockerfiles for an Emory web server - Mike & Alex
- Document the log files that need to be streamed to STDOUT - John
- Fix the "no container ID" logging issue with the central SYSLOG-NG servers - Paul
- Start a private registry - Mike & Paul