Compose Apps¶
Docker-compose Apps or “Compose Apps” are the recommended way for doing application development in a FoundriesFactory. Docker-compose has emerged as a great way to develop applications. However, it doesn’t specify how to distribute applications. Compose apps fill in this gap for Factory devices.
Compose Apps in a Factory¶
Compose apps are automatically managed from containers.git by naming convention. Any top-level directory containing a docker-compose.yml file is distributed as compose apps. Here is a simplistic source layout:
When changes are made to containers.git, the factory will produce a new
Target that includes the updated httpd
compose app:
Compose Apps Distribution¶
Compose apps are distributed by taking advantage of Docker Registry primitives. The httpd example above becomes a tarball stored in hub.foundries.io:
The tarball is an exact copy of httpd’s directory layout in containers.git
with one important exception: The publishing logic looks at each service
image in the compose file and will pin it to the correct sha256 checksum
at the time of publishing. For this example, nginx:alpine
would
become something like nginx:sha256@deadbeef
. This ensures each version of
the compose app is immutable.
Aktualizr-lite then has logic to grab this content from the docker registry, validate it cryptographically, and extract it locally so that docker-compose can consume it.
How Does It Fit Together?¶
Changes to containers produce new TUF Targets that aktualizr-lite can install. The interesting part of the Target in this case will be:
Examples¶
Single container application¶
Many users can build their entire application as a single container. In this scenario containers.git layout might look like:
Non-comment lines of .composeappignores
will match files
according to Golang’s filepath.Match
Each change to containers.git will produce a new compose app with contents:
In this case hub.foundries.io/<factory>/simple-app:latest
is pinned to
the exact container built during the change to containers.git. The CI logic
does this automatically for the user.
A Flask Web App¶
This example uses multiple containers to build a typical python3 Flask application:
Changes to containers.git does a couple of interesting things here:
- It will build and publish a version of the hello-world container. For
this example, call it
hub.foundries.io/<factory>/hello-world:GIT_SHORT_HASH
- A compose app will be published. The compose app will include the
nginx.conf file and a “pinned” docker-compose.yml. In this case the
containers will be pinned to:
nginx:alpine
- the sha256 checksum of nginx:alpine at the time this was built.hub.foundries.io/<factory>/hello-world
- the sha256 checksum ofGIT_SHORT_HASH
at the time this was built.