Deploying golang with Docker

(Share the findings gained when deploying on Docker with golang. Please point out if there is a mistake or a better way)

Golang does not depend on libc etc. It has the feature that it all makes static link. What this means is that if there is only one binary output by golang it will work.

Move golang binary on Docker

Docker is excellent as a container to move different environments. However, or it was huge images that the Base, docker pullは安全なの? it was or that we also had a problem.

However, if you are using the golang, because there is a feature of the above, 出力したバイナリ + 必要なファイル can operate in only. (Provided, however, that you are not using cgo etc.)

An example

1. Create tar.gz

Suppose you have the following directory structure.

github.com/shirou/test
|-- main.go
|-- public
|   `-- css
|       `-- sample.css
`-- view
    `-- base.html

Suppose that main.go is a web application that appropriately uses public and view. (Anything is fine)

Continue with the whole tar.gz and scp to the host running docker.

GOOS=linux GOARCH=amd64 go build
tar cvfz /tmp/image.tar.gz .
scp /tmp/image.tar.gz docker:/tmp/

Even if you do not consolidate them all, it is okay to fix only the necessary files. In fact, you will create a build directory and copy the necessary files into it.

2. Docker import

On docker host side, create docker image from tar.gz.

cat image.tar.gz | sudo docker import - test:latest

3. Docker run

And you can move it as usual.

sudo docker run -p 8000:8000 test:latest /test

advantage

With this method, the following advantages arise.

  1. You do not need docker pull or docker hub. It also does not need a private repository
  2. Since it is only necessary files, it does not consume capacity
  3. Since unnecessary processes do not move at all and no files exist, security problems can not occur (unless there is a problem with your program)
  4. There is no need to perform configuration management (there is no need to install dependent packages)

Use of s3

This time I send tar.gz by scp, but of course I can put it in s3. docker import will pass the URL to the argument.

To consolidate into one file

But this time we took the system to copy the necessary files, go- bindata With such, compacted all into a single binary file I will. kocha It may help to use.

In that case, tar.gz, etc. is not required, just the file in Dockerfile ADD will move if.

Humming point

If you want to access to the outside HTTPS, /etc/ssl/certs/ca- certificates.crt you may need.

Summary

I explained that moving the binary created with golang with Docker can bring about various benefits. I did not need ansible! (Is a lie)