<https://twitter.com/zackster/status/1550018658398...
# luceez
zackster
07/21/2022, 7:24 AMp
Peter Amiri
07/21/2022, 12:15 PM@zackster thanks for posting this. Very timely as I'm about to stand up a server just to use the Lucee scheduler to replace Windows scheduled tasks. Are there any docs or blog posts to describe how to set the Lucee admin/web passwords in a docker image?
a
Adam Cameron
07/21/2022, 12:24 PM
Nice! Good work @Mark Drew (he/him)
š 1
m
Mark Drew (he/him)
07/21/2022, 12:26 PM@Peter Amiri You have two choices:
1. Set a default password that you will change
2. Set a default password that you change and then grab the config out of the web and save it, then copy it in when you config your server.
Mark Drew (he/him)
07/21/2022, 12:26 PMI can do a post on this in a bit.
ā 2
p
Peter Amiri
07/21/2022, 12:28 PM@Mark Drew (he/him) Thanks I just saw a post from Justin Carter basically mentioning the same thing. A fresh write up would be great.
m
Mark Drew (he/him)
07/21/2022, 12:35 PMI have also created the repo for this: https://github.com/cybersonic/super-slim-lucee-docker/tree/main
s
sknowlton
07/21/2022, 1:09 PMif you were going for image size, seems like Tomcat alone is going to put a ceiling on what you're doing. for a microservice, why not https://hub.docker.com/r/foundeo/minibox ?
sknowlton
07/21/2022, 1:10 PMtough to beat 82 MB
p
Peter Amiri
07/21/2022, 1:35 PM@sknowlton but isn't that 82MB just to get a CommandBox instance up. Persumably you'd do a server start in that commandbox to download an engine to run your code in.
s
sknowlton
07/21/2022, 1:35 PMNo. Minibox (and the multi-stage commandbox build) only have the deployed engines. They don't have commandbox
sknowlton
07/21/2022, 1:38 PMThey have runwar, the engine, and undertow. I think Pete tears a bunch of stuff out of the engine to get it that small. We use the regular Commandbox multi-stage build to get small images, they're not 82 MB small but I think they're still smaller than 210 MB (we add a bunch of cruft to ours - but @bdw429s would know)
sknowlton
07/21/2022, 1:39 PMthey might not be sufficiently smaller than that to change up your whole approach if you're used to the non-commandbox route, though, but Minibox definitely is worth a look for microservices
p
Peter Amiri
07/21/2022, 1:47 PM@sknowlton Thanks for that explanation. I didn't know that. And to be completely honest here, I'm not married to any workflow just yet. Frankly I'm still old school. I've got 6 actual servers hosted in a data center running 180 VMs in a H3 KVM hyper-converged virtualization layer from Scale Computing. It's so easy for me to spin up another VM that I haven't looked at Docker much. I've thought about running docker in my environment but that means running some VMs in KVM to run Docker in the VMs. Just seems overkill to me. Most of what I do is not microservice so launch time and image size are not really a concern. That's all for my day to day job. But as we all try to learn new technology, I've been trying to learn more about docker and would consider myself a noob at best. But trying to learn more as I've gotten more involved in some OSS projects and we use docker to run the builds, and test suites, and CI pipeline.
b
bdw429s
07/21/2022, 1:54 PMset the Lucee admin/web passwords in a docker image@Peter Amiri If you're using the
ortusolutions/commandboxcfconfig_adminPasswordbdw429s
07/21/2022, 1:54 PMOr set it in the related
.cfconfig.jsonbdw429s
07/21/2022, 1:55 PMIf CFConfig sets a server context pass and notices there is no web context pass, it will set it there as well so no contexts are passwordless.
bdw429s
07/21/2022, 1:58 PMMinibox is very small, largely because it uses
ā¢ a super small linux distro
ā¢ a 40 Meg Azul JRE
ā¢ Commandbox Lite AND CommandBox Thin binary (removes as much duplicated jars as possible)
ā¢ Pete has a build that goes through and deletes every extra file he can find down to icons and such
That said, I persoanlly think there is a diminishing point of returns in docker image size-- at least when you're deploying a CF app. Lucee itself (non-light) is going to burn around 300 Megs on disk just for the server once you have the lucee.jar, all the, bundles, and the Felix cache. And if you get too carried away deleting stuff like the felix cache and cached class files, then it's just more work on first boot to re-create it all. When my CF engine is packing 200-300 megs, I stop worries about saving 1 meg here or 500KB there for an icon file, lol.
š 1
bdw429s
07/21/2022, 2:00 PMIf you're not careful (and using Adobe CF), you can quickly end up with a docker image well over 1 GB which is pretty crazy, but a little careful planning can get you down into the 500 MB range for a warmed up server. The finalization stuff is great in the Ortus images, but I actually use it more for the faster startup time ( you can be serving requests in 3-5 seconds after deploying the image with a finalized Lucee image)
bdw429s
07/21/2022, 2:01 PMYou just have to keep in mind, the more you "finalize" the image, the less flexibility you have for changing the config at deploy time or re-using the image across dev/stage/prod. I've had clients who chose a 800 MB image because they wanted CFConfig and friends all present at deploy time to have zero secrets in the image and have it be 100% flexible to pump totally different config in at deploy time.
āļø 1
m
Mark Drew (he/him)
07/21/2022, 2:01 PMYeah,. I am looking at warmed up images here, hence the end of my post about startup times.
š 1
Mark Drew (he/him)
07/21/2022, 2:03 PMWhat @bdw429s said. Finalizing images makes them less flexible for deploying in different environments , which has been the main issue. Great if you know from the start but companies grow and new envs are required etc.
I can check out minibox for what I am doing but I was trying to go as simple as poss (i.e. lazy Mark) because as @bdw429s said you get really diminishing returns, and for sure I can send one 80MB image to kubernetes but when it starts up 100 instances that all then download the internet to become 300MB each I have kinda defeated the point a bit.
b
bdw429s
07/21/2022, 2:08 PMMy primary use of minibox is not servers (even though it works), it's Task Runners performing scheduled CLI jobs or running Rabbit Consumers or business logic daemons out on Docker Swarm. When I'm just packing up a single
task.cfcbox task runš 2
p
Peter Amiri
07/21/2022, 2:08 PMThanks for the input @bdw429s. So for full disclosure here is what I need to do. We have an old legacy ERP system written in Rocket UniVerse. There is a JDBC driver for UniVerse which we use in other projects to call UniVerse "programs" via a JDBC Storedprocedure call. Works great, I can get modern CFML code to hit a 50 year old DB technology. So that's the premise for all these questions. Our ERP uses Windows Scheduled tasks to run UniVerse "programs" for reports and tasks at the end of the day, month, year. We are about to bring the UniVerse server into the modern century and setup an HA/DR pair with publishers and subscribers. The issue is I don't want to have to create all those Windows scheduled tasks on both servers, figure out how to keep the subscriber from running them, but when the publisher chokes and we fail over to the subscriber, have the scheduled tasks run on the new server. So I figured, you know lets get Lucee/CFML involved. I'll just write a simple one page API to pass the UniVerse program name to the CFML API, it can in turn make a JDBC call to UniVerse to launch the "program". So this all will take a half an hour to build and stand up. But I'm trying to teach myself new skills by not just standing up another VM in our virtualization cluster and manually configuring Lucee and see if I can get this setup with Docker. Probably end up setting up Docker Swarm in the DC so we can launch docker images into it. It's all a learning exercise wrapped up in a project that probably doesn't need all this overhear. š
š 1
b
bdw429s
07/21/2022, 2:10 PMSounds like fun-- I mentioned using task runners on minibox above-- one of my clients I've actually been converting their old scheduled tasks into task runners. They scheduled them on the swarm with Jenkins (because they already have it and like it) but it completely removes that functionality from the "web app" containers. And since their business logic was already in a module of standalone CFCs, it's easy to share.
bdw429s
07/21/2022, 2:12 PMYou can very easily run a container on a single swarm node, but I create a service with auto-restart off and scaled to 0. When I want to fire the task, I scale the service up to 1 (programatically via the docker CLI) which allows the swarm to decide which node to run it on, and then I attach to the container (via the Docker CLI again) so jenkins gets all the juicy console output.
bdw429s
07/21/2022, 2:13 PMFor "publish/subscriber" tasks that are always running (like RabbitMQ consumers), it's just a task runner in a minibox container that never stops and auto-restarts if it fails
p
Peter Amiri
07/21/2022, 2:20 PMInteresting, so I was thinking of a CFML API that acts as the proxy for calling the individual tasks. Then use another tool, like PRTG or the Lucee Scheduler to actually schedule and run the individual tasks that just each call the API. If I understand you correctly @bdw429s you are suggesting each task having it's own task runner in docker swarm and using Jenkins in you case, which we also have by the way, to schedule and run each of them. There seems to be so many ways to skin this cat. Poor cat...
b
bdw429s
07/21/2022, 2:21 PMYes, many many ways to do it š And let's not forget Luis' recent Coldbox Scheduler additions to Coldbox MVC which have scheduling capabilities and are based on the java Concurrent package! š± š
p
Peter Amiri
07/21/2022, 2:22 PMš¤Æ