cloudinit VS Docker Compose

Newer versions of OS use cloud init -> https://cloud-init.io/

Overall, I think in an article that focuses on cloud computing (specifically AWS) there's too much time being spent in the local command line of a server.

It's an especially revealing sentence when the authors says that "Most attacks won’t be against what we’ve covered in this guide, but against the applications you install next. Properly done, containers can limit the impact."

If we are running containerized applications and we are already in the cloud, why are we futzing around on the command line of a Linux box? Why are we not using a cload orchestrator that abstracts the OS from the equation entirely?

If we do have a need to be on a bare Linux box, all of this OS configuration is better handled with cloud init [1], a configuration management tool like Ansible, and/or by building an image with Packer.

I know that seems like overkill for a small hobby reluctant sysadmin project type of deal but it's very little extra effort once you get used to the workflow. I would even recommend putting this infrastructure in Terraform even though, again, it seems like overkill at first.

Someone else in the comments mentioned that it's easier to just start with a hardened image from the AWS Marketplace, and I also agree with that idea. Find a free hardened image and make that the base for your system.

[1] https://cloud-init.io

Found this related article: "cloud-init re-generates network config every reboot overwriting manual admin changes on CentOS." https://github.com/canonical/cloud-init/issues/2983

You can just lift and shift an exisiting project into the cloud, but let's say you're using AWS's CFT's to define an EC2 instance. Great! throw in some cloud-init ( https://cloud-init.io/ ) script for your ubuntu cloud image for some automated-ness in provisioning and you're off to the races!

You can run an os that has a cloudinit setup. This will on boot do whatever you have in the cloud init file. Check out https://cloud-init.io/ its becoming a standard in operating systems that aren't desktop oriented.

Oh, and as a big bonus, Xen Orchestra supports cloud-init which is a really nice way to customize VMs from a baseline.

Since this is the standard Ubuntu image it's presumably cloud-init which is interpreting your user_data, in which case there are two other possible techniques to use to get this key registered.

Most Linux distribution images in EC2 include cloud-init which runs on startup and retrieves the user data. If you are using a standard Linux distribution AMI then it's probably cloud-init that is taking actions based on your user data, and so cloud-init's documentation on User Data Formats is the relevant reference for you.

Yup. There are several options.

Solutions are many, and could include Docker Compose, VS Code dev containers, Telepresence, Localstack or setting up temporary AWS accounts as a development environment for serverless applications.

Using Docker Compose to run Postgres and any third-party services locally provides a streamlined and consistent development environment. Developers can define services in a docker-compose.yml file, which enables them to configure and launch an entire stack with a single command. In this case, Postgres is encapsulated within a container with predefined configurations. Docker Compose also facilitates easy scaling, updates, and isolation of services, enhancing development efficiency and reducing the setup time for new team members or transitioning between projects. It encapsulates complex configurations, such as Postgres' performance monitoring and logging settings, in a manageable, version-controlled file, simplifying and replicating the service setup across different environments.

“Compose simplifies the control of your entire application stack, making it easy to manage services, networks, and volumes in a single, comprehensible YAML configuration file. Then, with a single command, you create and start all the services from your configuration file.” - Docker documentation

curl -fsSL https://get.docker.com -o get-docker.sh sudo sh get-docker.sh # Install docker compose sudo curl -L "https://github.com/docker/compose/releases/download/1.29.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose # Apply executable permissions to the binary sudo chmod +x /usr/local/bin/docker-compose # Run Project docker-compose up -d

Docker,

This foundation now opens the door to even more powerful concepts. You can explore more advanced concepts such as container networking, streamlining the management of complex applications with Docker Compose, and how to make your application data persistent using volumes.

In many projects that are containerized, especially in cases where development is also done locally with docker-compose, teams often have two Dockerfiles, 1 for Development, the other for Production. If you happen to have multiple environments like pre-prod, staging and so on, some teams could have different Dockerfiles for these environments.

sudo curl -L "https://github.com/docker/compose/releases/latest/download/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose