Session

When it’s time to package your Python application for Docker, there are a whole lot of best practices to follow: my personal list has 70 best practices and it keeps growing. As a result, it can be unclear what’s important, what’s not, where to start, and what to put off until later. If you’re not careful, you can get distracted by optimizing your Docker image size, and neglect to make your image secure.

The underlying problem is that Docker packaging is complicated: it’s at the intersection of multiple organizational processes, from development, to deployment, to debugging, to upgrades. Add on 50 years of technology development going back to early Unix design decisions, and the result is a huge number of details to get right, many of which interact with each other in unexpected ways.

But, once you understand how Docker packaging fits in with all the development and operational processes you’re already doing, those details become a lot less daunting. In particular, by following a structured iterative process for creating your Docker packaging artifacts (Dockerfile etc.), you can think through the decisions you’ll need to make, figure out which new processes you need to start implementing, and make sure you’ve implemented the important details first.

To help you take control of your packaging, this talk will cover an iterative six-step process for packaging an application with Docker, starting with security and ending up with optimizations like build time and image size, along with a few examples of some of the relevant best practices.