smashwilson closed 8 years ago
I prefer the explicit instruction for docker ps too, for passersby to slides and not alienating those that don't want to adopt the aliases.
How secure are overlay networks in Swarm, anyway? Is it possible to sniff them... ?
That depends on the implementation. In the case of Carina, the overlay networks function over service net while not having publicly accessible ports or IPs. An attacker would have to have access to sniffing on servicenet itself.
Thanks for the review @smashwilson. Edits are in https://github.com/everett-toews/jupyterhub-on-docker-swarm/commit/5d7da3a0c4bba84983c82f8cc97335bd90daec12
Slide 14: The ds alias isn't used anywhere else, we always spell out docker ps. Maybe delete?
Deleted
Slide 24: Any reason you're using gliderlabs/alpine instead of alpine? I'd prefer to nudge people toward the official image.
Nope. Removed. (I was using the official image everywhere else ...)
Slide 24: What would you think about adding a CMD as well? That could lead in to the differences between ENTRYPOINT and CMD.
Done.
Slide 25: The entrypoint.sh script should exec on its final line. It actually does make a difference; see the best practices guide. Specifically, it ensures that signals are propagated to the nginx process correctly, which will be important later if we need to SIGHUP it.
TIL. Thanks!
@everett-toews: I gave the Docker section a run-through and had a few minor comments. I figured I'd post them here rather than dump them all in Slack so you could check them out later.
Slide 14: The ds alias isn't used anywhere else, we always spell out docker ps. Maybe delete?
Slide 24: Any reason you're using gliderlabs/alpine instead of alpine? I'd prefer to nudge people toward the official image.
Slide 24: What would you think about adding a CMD as well? That could lead in to the differences between ENTRYPOINT and CMD.
Slide 25: The entrypoint.sh script should exec on its final line. It actually does make a difference; see the best practices guide. Specifically, it ensures that signals are propagated to the nginx process correctly, which will be important later if we need to SIGHUP it.
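The exec point from the review comment about entrypoint.sh, as an added example that is not part of this thread or the slides: it runs two entrypoint variants and reports which process ends up holding the entrypoint's PID, which inside a container is PID 1, the process Docker delivers signals to. The file names, the function names and the service.sh stand-in for nginx are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the slides). service.sh is a constructed stand-in
# for nginx; both entrypoint scripts are constructed for this comparison.

# write_fixture DIR: create the stand-in service and two entrypoint variants.
write_fixture() {
    cat > "$1/service.sh" <<'EOF'
#!/bin/sh
echo "service=$$"
EOF
    # Variant 1: final line starts the service as a child of the shell.
    cat > "$1/entrypoint-noexec.sh" <<'EOF'
#!/bin/sh
echo "entrypoint=$$"
sh "$(dirname "$0")/service.sh"
EOF
    # Variant 2: final line uses exec, so the service replaces the shell.
    cat > "$1/entrypoint-exec.sh" <<'EOF'
#!/bin/sh
echo "entrypoint=$$"
exec sh "$(dirname "$0")/service.sh"
EOF
}

# signal_target MODE (exec|noexec): print "service" when the service runs
# under the entrypoint's PID, or "shell" when the shell keeps that PID and
# the service is only its child.
signal_target() {
    dir=$(mktemp -d)
    write_fixture "$dir"
    out=$(sh "$dir/entrypoint-$1.sh")
    rm -rf "$dir"
    entry=$(printf '%s\n' "$out" | sed -n 's/^entrypoint=//p')
    svc=$(printf '%s\n' "$out" | sed -n 's/^service=//p')
    if [ "$entry" = "$svc" ]; then echo service; else echo shell; fi
}

echo "without exec, the entrypoint PID belongs to: $(signal_target noexec)"
echo "with exec, the entrypoint PID belongs to:    $(signal_target exec)"
```

In the noexec case a SIGHUP sent to the container reaches the wrapper shell, and the service only sees it if the shell forwards it explicitly.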