kore-docker

Official Kore Dockerfiles
Commits | Files | Refs | README | git clone

README.md (2655B)



      1 Official kore docker images.
      2 
      3 ## Using base images to create a custom Docker container
      4 
      5 ```
      6 FROM kore/kore:4.2.1
      7 
      8 WORKDIR /koreapp
      9 COPY *.py .
     10 
     11 EXPOSE 8888
     12 CMD ["app.py"]
     13 ```
     14 
     15 ## Using the base image to run an application
     16 
     17 ```
     18 $ docker run -p 8888:8888 -it --rm \
     19     -v `pwd`/code:/app \
     20     -w /app kore/kore:4.2.1 /app/app.py
     21 ```
     22 
     23 ## Using the kodev docker image
     24 
     25 You can use the kodev docker image to build your application.
     26 
     27 While doing so it is important you set the workdir to the name
     28 of your application so kodev build will correctly pickup the
     29 configuration.
     30 
     31 The kore/kodev container has 2 tags, kodev-amd64 and kodev-arm64.
     32 
     33 Building an application:
     34 
     35 ```
     36 $ docker run -it --rm \
     37     -v `pwd`:/myapp \
     38     -w /myapp kore/kodev:kodev-arm64 build
     39 ```
     40 
     41 ## ACME
     42 
     43 The docker images support ACME. If you are going to enable it
     44 you probably want to use a volume of sorts to store the account
     45 key and certificates on persistent storage.
     46 
     47 The keymgr will store all relevant data under the **/var/chroot/keymgr**
     48 path. You can use a volume to export that directory to your host instead.
     49 
     50 ```
     51 $ docker run -p 8888:8888 -it --rm \
     52     -v `pwd`/code:/app \
     53     -v `pwd`/keymgr:/var/chroot/keymgr \
     54     -w /app kore/kore:4.2.1 /app/app.py
     55 ```
     56 
     57 ## Deployment target
     58 
     59 When using Python, you should set the deployment target to "docker".
     60 This will keep Kore in the foreground but still apply privilege separation.
     61 
     62 ```python
     63 kore.config.deployment = "docker"
     64 ```
     65 
     66 ## Users and paths
     67 
     68 The docker images provide users for all privilege separated processes.
     69 
     70 These users are:
     71 
     72 ### kore
     73 
     74 The kore user its homedir is located under **/var/chroot/kore** and is
     75 intended to be the main user for the worker processes.
     76 
     77 ### Default configuration
     78 
     79 runas kore
     80 root /var/chroot/kore
     81 
     82 ### Python configuration
     83 
     84 ```python
     85 kore.config.runas = "kore"
     86 kore.config.root = "/var/chroot/kore"
     87 ```
     88 
     89 ## acme
     90 
     91 The acme user its homedir is located under **/var/chroot/acme** and
     92 is intended to be the main ACME process user.
     93 
     94 The acme process is the process that talks to the ACME servers and
     95 parsers their responses.
     96 
     97 ### Default configuration
     98 
     99 acme_runas acme
    100 acme_root /var/chroot/acme
    101 
    102 ### Python configuration
    103 
    104 ```python
    105 kore.config.acme_runas = "acme"
    106 kore.config.acmer_root = "/var/chroot/acme"
    107 ```
    108 
    109 ## keymgr
    110 
    111 The keymgr user its homedir is located under **/var/chroot/keymgr**
    112 and is intended to be the keymgr process user.
    113 
    114 The keymgr process holds all your private keys.
    115 
    116 ### Default configuration
    117 
    118 keymgr_runas keymgr
    119 keymgr_root /var/chroot/keymgr
    120 
    121 ### Python configuration
    122 
    123 ```python
    124 kore.config.keymgr_runas = "keymgr"
    125 kore.config.keymgr_root = "/var/chroot/keymgr"
    126 ```