doc: docker

This commit is contained in:
Strix 2023-10-14 17:29:54 +02:00
parent fe4312f9f6
commit 098d43e833
Signed by untrusted user who does not match committer: didier
GPG key ID: 01E71F18AA4398E5

View file

@ -0,0 +1,22 @@
Everything in containers.
---
We at IXVD have everything in containers, powered by Docker.
Containers allow for isolation of services and keep everything organized.
# neong tooling
We use custom tools that interface with docker-compose.
We do this because our infrastructure has become too big to keep everything in one docker-compose file.
Therefore we have a tool that enters directories named "stacks" that adds another layer of isolation; a music client does not need to access our financial records.
# Networking
All public facing containers are added to a network called `proxy`. This can talk to our automated nginx/certbot instance and make sure it's securely accessible.
Internal infrastructure does not use HTTPS at all.
# Docker
We chose for docker as our container engine.
It's well maintained and has been used by the community for a long time.
Therefore, we can easily resolve issues and find answers to things we want to implement.
Also the networking solutions provided by Docker are amazing and allow for very complex but robust infrastructure.