decision-record/001-everything-in-containers.md
2023-11-09 21:14:45 +01:00

1.1 KiB

Everything in containers.

We at IXVD have everything in containers, powered by Docker.
Containers allow for isolation of services and keep everything organized.

neong tooling

We use custom tools that interface with docker-compose.
We do this because our infrastructure has become too big to keep everything in one docker-compose file.

Therefore we have a tool that enters directories named "stacks" that adds another layer of isolation; a music client does not need to access our financial records.

Networking

All public facing containers are added to a network called proxy. This can talk to our automated nginx/certbot instance and make sure it's securely accessible. Internal infrastructure does not use HTTPS at all.

Docker

We chose for docker as our container engine.
It's well maintained and has been used by the community for a long time.
Therefore, we can easily resolve issues and find answers to things we want to implement.
Also the networking solutions provided by Docker are amazing and allow for very complex but robust infrastructure.