loading...

I would like to create Docker based PaaS. How do you think?

acro5piano profile image Kay Gosho ・2 min read

What is this

It is said that "Sell Before You Build", so I would like to hear you about my prototype.

This is just a demo image, but you can find what the point is.

image

docker-run.com

https://docker-run.com

docker-run.com enables you to run your Docker Containers in production. All you have to do is fill the url of your Docker image.

Why

We all know Docker in production environment is great. Stateless deployment, shared environment in both development and production, and more. However, we have to do a lot of work when we manage our containers in production, such as Blue-Green deployment, Containers health check, and learn Kubernates. Do you imagine if we can run Docker Containers just by telling the url of your Docker image?

  • No need to create Fargate instance
  • No need to learn Kubernates
  • No need to write deploy script
  • No need to care about scalability
  • No need to set up your certificates

Yes, docker-run.com is here: A new and better way to run Docker containers in production.

Possible alternatives:

How to use

As you can see the above demo, all you have to do is input your docker image url. docker-run.com creates an unique domain for your application.

Deploy? It is quite easy, no need to install any tools:

curl -XPOST -H 'Authorization: YOUR_TOKEN' -d HOST/IMAGE:VERSION https://docker-run.com/APP_ID/renew

And the Docker container will be renew without downtime.

Further information

https://github.com/acro5piano/docker-run.com

Currently docker-run.com is alpha. We will launch beta version by April 2019, so please watch us.

Posted on by:

Discussion

markdown guide
 

I'd +1 the mentions of security and alignment towards k8. Docker containers do not isolate the kernel, which may prove catastrophic should a malicious container gain access. The market seems to be trending back towards microVM containers (see updates from Reinvent and KubeCon for Firecracker and Knative), so I'd recommend researching that perspective.

Other than that, you may need to look at how customers would deal with private image registries, and how auth fits into the picture to not become responsible/liable for breach potential.

 

Thank you for your opinion!
Yeah security is the biggest concern for this type of service.

I am thinking providing private image registries as a service like Amazon ECR. And any private registries, including hub.docker.com private image, should be used in the service.
More research is needed. Thanks!

 

From a security perspective, how do you plan on preventing malicious containers or malicious behavior on your platform (e.g. crypto-currency miners, bot-nets ...etc)

 

Thank you for your perspective!
Currently I have no idea of how to keep security. Maybe I'll set the container instance's memory, demo instance running time, etc.

 

Update: I created the working demo!

docker-run.com/

That version does:

  • Remotely run docker pull and docker run
  • Automatically bind container's port to available host port
  • Register each domains and proxy requests to the container
  • Print Docker log with WebSocket

It is really great if you give me your feedbacks!

Note: I used TypeScript + Express + React and more.

Thanks!

 

I think there's a market for this. The big 3's container services are still pricey for small operations. If you price it for the masses and make the backend highly-available, you will have a winner.

 

Thank you for your opinion!
Yes, they are a little pricey for MVP or early stage product.
I think I have still chance by simplifying UX and providing great DX with lower price, especially for start-ups.

 

I'll be the person who says no. There are might be some applications where it can be useful, but it's not going to sail far. Sorry, but I'm not disclosing details under some considerations.

 

Thank you for your opinion! I am really happy if you tell me why you think so :)

 

Easy to develop, and actually I have some trouble in deploying on docker running. So helpful.

 

Thank you for your feedback!

 

This but for k8s would have a lot of potential IMHO, see kubesail

 

Thank you for introducing the service!
I have signed up it, but unfortunately some errors happened so couldn't try it...

 

Yeah, kubesail is quite buggy. Basically it's a k8s namespace aaS, which is definitely the future IMHO.

Yeah k8s based PaaS is the future!

 

I like the idea and I like the simplicity. I assume you just deploy and a unique id is used as a subdomain for the container with traefik discovery?

Keep going!

 

Thanks!

I assume you just deploy and a unique id is used as a subdomain for the container with traefik discovery?

Yes, in my plan YOUR_APP_ID.dockerrun.com will be given to each users, and enables to set your custom domains if you want :)
YOUR_APP_ID.dockerrun.com is enough if you serve your app via SPA or native apps in many situations!

 

This is awesome! Now.sh no longer supports Docker deployments, they only do Serverless Lambda functions now.

 

Yeah, now.sh changed their system in 2.0...
I loved the simplicity, just Dockerfile deploy. However, I assume that Zeit made that decision for some reasons. I'll try to find it.