best practice with docker is to keep a docker image absolutely generic so that it can be deployed to dev/test/production without any changes. Any personalization that needs to be done to make the docker container do it's job should be either
a) passed to the docker container at startup through environment variables b) put in a network service like etcd and then the container is told which etcd to contact for config using an environment variable If you find yourself wanting to put things into the docker container's file system on startup, think long and hard about it, because that is an indicator that "you're doing it wrong!!" according to the docker community. On Fri, Aug 4, 2017 at 9:49 AM, Michael MacIsaac <mike99...@gmail.com> wrote: > Neale, > > Thanks for the quick reply. That's great. > > -Mike > > On Fri, Aug 4, 2017 at 9:42 AM, Neale Ferguson <ne...@sinenomine.net> > wrote: > > > A couple of options. First the certificates: build the container with a > > VOLUME statement that you will then use the -v option on the docker run > > command to mount a unique file or directory on. That would contain your > > certificate although isn’t it possible to put all the certs in /etc/pki/… > > > > Use --ip option to assign a fixed IP to the container – see > > https://stackoverflow.com/questions/27937185/assign- > > static-ip-to-docker-container > > > > Alternatively you could use something like openShift that allows you to > > configure this including allowing you to assign publicly accessible IP > > addresses to the container (openShift runs haproxy). For a description of > > building and running things on openShift Origin under Linux on Z see: > > > > http://download.sinenomine.net/clefos/epel7/Getting_ > > Started_with_OpenShift_on_z.pdf > > > > Neale > > > > On 8/4/17, 9:32 AM, "Linux on 390 Port on behalf of Michael MacIsaac" < > > LINUX-390@VM.MARIST.EDU<mailto:LINUX-390@VM.MARIST.EDU> on behalf of > > mike99...@gmail.com<mailto:mike99...@gmail.com>> wrote: > > > > > > I still don't grok Docker. > > > > Let's say I want to create a Docker image of a zLinux system. Let's say > > this system runs Apache and needs a certificate to enable https. Let's > say > > I want to run this image on multiple LPARs. So each system will need a > > unique host name and thus a unique certificate, right? > > > > ---------------------------------------------------------------------- > > For LINUX-390 subscribe / signoff / archive access instructions, > > send email to lists...@vm.marist.edu with the message: INFO LINUX-390 or > > visit > > http://www.marist.edu/htbin/wlvindex?LINUX-390 > > ---------------------------------------------------------------------- > > For more information on Linux on System z, visit > > http://wiki.linuxvm.org/ > > > > > > -- > -Mike MacIsaac > > ---------------------------------------------------------------------- > For LINUX-390 subscribe / signoff / archive access instructions, > send email to lists...@vm.marist.edu with the message: INFO LINUX-390 or > visit > http://www.marist.edu/htbin/wlvindex?LINUX-390 > ---------------------------------------------------------------------- > For more information on Linux on System z, visit > http://wiki.linuxvm.org/ > -- Jay Brenneman ---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to lists...@vm.marist.edu with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390 ---------------------------------------------------------------------- For more information on Linux on System z, visit http://wiki.linuxvm.org/
