Docker

Clever Cloud offers support for Docker containers. These are deployed inside virtual machines to guarantee a secure level of isolation.

Overview

Docker containers can encapsulate any payload, and will run consistently on and between virtually any server. The same container that a developer builds and tests on a laptop will run at scale, in production, on VMs, bare-metal servers, public instances, or combinations of the above.

Clever Cloud allows you to deploy any application running inside a Docker container. This page will explain how to set up your application to run it on our service.

ℹ️
Clever Cloud supports many languages, but some users have specific application needs. With Docker, they can create custom stacks without relying on Clever Cloud’s specific support.
⚠️
FS Buckets access, Dockerfile validation, and Docker Compose functionalities are not supported.

Setting up environment variables on Clever Cloud

With the Clever Cloud console

  1. Go to the Clever Cloud console, and find the app you want to fine tune under it’s organization.
  2. Find the Environment variables menu and select it.
  3. In this menu, you will see a form with VARIABLE_NAME and variable value fields.
  4. Fill them with the desired values then select Add.
  5. Don’t forget to “Update Changes” at the end of the menu.

With the Clever Tools CLI

  1. Make sure you have clever-tools installed locally. Refer to our CLI getting started.
  2. In your code folder, do clever env set <variable-name> <variable-value>

Refer to environment variables reference for more details on available environment variables on Clever Cloud.

You can of course create custom ones with the interface we just demonstrated, they will be available for your application.

Configure your Docker application

Mandatory configuration

Be sure that you:

  • push on the master branch.
  • have and commit a file named Dockerfile or use the CC_DOCKERFILE environment variable if your Dockerfile has a different name, Here is what it will look like.
  • run the application with CMD or ENTRYPOINT in your Dockerfile.
  • listen on HTTP port 8080 by default (you can set your own port using CC_DOCKER_EXPOSED_HTTP_PORT=<port> environment variable).

Dockerfile contents

You can virtually put everything you want in your Dockerfile. The only mandatory (for us) instruction to put in it is:

CMD <command to run>

command to run: this is the command that starts your application. Your application must listen on port 8080. It can be easier for you to put a script in your docker image and call it with the CMD instruction.

Memory usage during building

If the building step of your app crashes because it uses more memory that it’s available, you’ll have to split the building and running steps and enable Dedicated build instance

# The base image
FROM outlinewiki/outline:version-0.44.0

# Run the memory intensive build on an instance with 4 GB of memory (M)
RUN yarn install && yarn build

# Start the app on a smaller instance (nano)
CMD yarn start

TCP support

Clever Cloud enables you to use TCP over Docker applications using the environment variable CC_DOCKER_EXPOSED_TCP_PORT=<port>. Refer to the documentation page to know how to create TCP redirections.

Docker socket access

Some containers require access to the docker socket, to spawn sibling containers for instance.

⚠️
Giving access to the docker socket breaks all isolation provided by docker. DO NOT give socket access to untrusted code.

You can make the docker socket available from inside the container by adding the CC_MOUNT_DOCKER_SOCKET=true environment variable. In that case, docker is started in the namespaced mode, and in bridge network mode.

Private registry

We support pulling private images through the docker build command. To login to a private registry, you need to set a few environment variables:

  • CC_DOCKER_LOGIN_USERNAME: the username to use to login
  • CC_DOCKER_LOGIN_PASSWORD: the password of your username
  • CC_DOCKER_LOGIN_SERVER (optional): the server of your private registry. Defaults to Docker’s public registry.

This uses the docker login command under the hood.

Enable IPv6 networking

You can activate the support of IPv6 with a IPv6 subnet in the docker daemon by adding the CC_DOCKER_FIXED-CIDR-V6=<IP> environment variable.

Build-time variables

You can use the ARG instruction to define build-time environment variables.

Every environment variable defined for your application will be passed as a build environment variable using the --build-arg=<ENV> parameter during the docker build phase.

Dockerized Rust application Deployment

To make your dockerized application run on clever Cloud, you need to:

  • expose port 8080 in your docker file
  • run the application with CMD or ENTRYPOINT

For instance, here is the Dockerfile used for the Rust application:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
# rust tooling is provided by `archlinux-rust`
FROM geal/archlinux-rust
MAINTAINER Geoffroy Couprie, contact@geoffroycouprie.com

# needed by rust
ENV LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/usr/local/lib

# relevant files are in `./source`
ADD . /source
WORKDIR /source

# Clever Cloud expects your app to listen on port 8080
EXPOSE 8080
RUN rustc -V

# Build your application
RUN cargo build

# Run the application with `CMD`
CMD cargo run

Dockerized HHVM application Deployment

Deploying a HHVM application is a bit trickier as it needs to have both HHVM and nginx running as daemons. To be able to have them running both, we need to put them in a start script:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
#!/bin/sh

hhvm --mode server -vServer.Type=fastcgi -vServer.Port=9000&

service nginx start

composer install

echo "App running on port 8080"

tail -f /var/log/hhvm/error.log

Since the two servers are running as daemons, we need to start a long-running process. In this case we use tail -f. We then add start.sh as the CMD in the Dockerfile

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
# We need HHVM
FROM jolicode/hhvm

# We need nginx
RUN sudo apt-get update \
 && sudo apt-get install -y nginx

ADD . /root
RUN sudo chmod +x /root/start.sh

# Nginx configuration
ADD hhvm.hdf /etc/hhvm/server.hdf
ADD nginx.conf /etc/nginx/sites-available/hack.conf
RUN sudo ln -s /etc/nginx/sites-available/hack.conf /etc/nginx/sites-enabled/hack.conf
# Checking nginx config
RUN sudo nginx -t

RUN sudo chown -R www-data:www-data /root
WORKDIR /root

# The app needs to listen on port 8080
EXPOSE 8080

# Launch the start script
CMD ["sudo","/root/start.sh"]

Sample dockerized applications

We provide a few examples of dockerized applications on Clever Cloud.

Environment injection

Clever Cloud injects environment variables from your application settings as mentioned in setting up environment variables and is also injecting in your application production environment, those from your linked add-ons.

Custom build configurations

On Clever Cloud you can define some build configuration: like the app folder to deploy or the path to validate your application deployment is ready To do that follow the documentation here and add the environement variable you need.

Git Deployment on Clever Cloud

You need Git on your computer to deploy via this tool. Here is the official website of Git to get more information: git-scm.com

Setting up your remotes

  1. The “Information” page of your app gives you your Git deployment URL, it looks like this:

    1. git+ssh://git@push.clever-cloud.com/<your_app_id>.git
    2. Copy it in your clipboard
  2. Locally, under your code folder, type in git init to set up a new git repository or skip this step if you already have one

  3. Add the deploy URL with git remote add <name> <your-git-deployment-url>

  4. Add your files via git add <files path> and commit them via git commit -m <your commit message>

  5. Now push your application on Clever Cloud with git push <name> master

Refer to git deployments for more details.

Linking a database or any other add-on to your application

By linking an application to an add-on, the application has the add-on environment variables in its own environment by default.

On add-on creation

Many add-ons do exist on Clever Cloud: refer to the full list and check add-ons dedicated pages for full instructions.

During add-on creation, an Applications screen appears, with a list of your applications. You can toggle the button to Link and click next. If you finish the process of add-on creation, the application is automatically linked to it.

Add-on already exists

In the Clever Cloud console, under the Service Dependencies menu of your application, you can use the Link add-ons dropdown menu to select the name of the add-on you want to link and use the add button to finish the process.

You can also link another application from the same page in the Clever Cloud console, using the Link applications dropdown menu.

More configuration

Need more configuration? To run a script at the end of your deployment? To add your private SSH key to access private dependencies?

Go check the Common configuration page.

You may want to have an advanced usage of your application, in which case we recommend you to read the Administrate documentation section.

If you can’t find something or have a specific need like using a non supported version of a particular software, please reach out to the support.

Enable health check during deployment

The healthcheck allows you to limit downtimes. Indeed, you can provide Clever Cloud with paths to check. If these paths return something other than 200, the deployment will fail.

Add one (or several) environment variable as such:

CC_HEALTH_CHECK_PATH=/my/awesome/path

Or

CC_HEALTH_CHECK_PATH_0=/my/awesome/path
CC_HEALTH_CHECK_PATH_1=/my/other/path

The deployment process checks all paths. All of them must reply with a 200 OK response code.

Example

Using the path listed above, below are the expected logs:

Response from GET /my/awesome/path is 200
Response from GET /my/other/path is 500
Health check failed:
- GET /my/other/path returned 500.
If the deployment fails after this message, please update your configuration and redeploy.

In this example, the first path is OK, but the second one failed. This gives you a hint on what failed in your application.

Best practice for healthcheck endpoints

To make the most of a healthcheck endpoint, have it check your critical dependencies. For example:

  • execute SELECT 1 + 1; on your database
  • retrieve a specific Cellar file
  • ping a specific IP through a VPN
Last updated on