Skip to content

Commit 19520bf

Browse files
rubenfiszelrubenfiszel
committed
update docker docs
1 parent a79e040 commit 19520bf

File tree

1 file changed

+57
-44
lines changed

1 file changed

+57
-44
lines changed

docs/advanced/7_docker/index.mdx

Lines changed: 57 additions & 44 deletions
Original file line numberDiff line numberDiff line change
@@ -29,69 +29,82 @@ On the docker-compose, it is enough to uncomment the volume mount of the Windmil
2929

3030
In the charts values of our [helm charts](https://github.com/windmill-labs/windmill-helm-charts), set `windmill.exposeHostDocker` to `true`.
3131

32-
### Remote Docker daemon
32+
## Docker-in-Docker sidecar container (Recommended)
3333

3434
One possibility to use the docker daemon with k8s with containerd is to run a docker daemon in the same pod using "Docker-in-Docker" ( dind) Using the official image `docker:stable-dind`:
3535

36-
Here an example of a dind template to be adapted:
36+
Here an example of a a worker group setup with a dind side-container to be adapted with your needs.
3737

38-
```yaml
39-
apiVersion: v1
40-
kind: Pod
41-
metadata:
42-
name: dind
43-
spec:
44-
containers:
45-
- name: dind
46-
image: 'docker:stable-dind'
47-
command:
48-
- dockerd
49-
- --host=tcp://0.0.0.0:8000
38+
```
39+
workerGroups:
40+
...
41+
- name: "docker"
42+
replicas: 2
5043
securityContext:
5144
privileged: true
45+
resources:
46+
limits:
47+
memory: "256M"
48+
ephemeral-storage: "8Gi"
49+
volumes:
50+
- emptyDir: {}
51+
name: sock-dir
52+
- emptyDir: {}
53+
name: windmill-workspace
54+
volumeMounts:
55+
- mountPath: /var/run
56+
name: sock-dir
57+
- mountPath: /opt/windmill
58+
name: windmill-workspace
59+
extraContainers:
60+
- args:
61+
- --mtu=1450
62+
image: docker:27.2.1-dind
63+
imagePullPolicy: IfNotPresent
64+
name: dind
65+
resources:
66+
limits:
67+
memory: "2Gi"
68+
ephemeral-storage: "8Gi"
69+
securityContext:
70+
privileged: true
71+
terminationMessagePath: /dev/termination-log
72+
terminationMessagePolicy: File
73+
volumeMounts:
74+
- mountPath: /opt/windmill
75+
name: windmill-workspace
76+
- mountPath: /var/run
77+
name: sock-dir
5278
```
5379

54-
## Use
80+
## Using Windmill native docker support (recommended)
81+
82+
Windmill has a native docker support if the `# docker` annotation is used. It will assume a a docker socket is mounted like in the example above and will take over management of the container as soon as the script ends. Which is why you should use docker `-d` deamon mode so that the bash script terminates early.
5583

5684
The default code is as follows:
5785

5886
```
87+
# docker
88+
# The annotation "docker" above is important, it tells windmill that after
89+
# the end of the bash script, it should manage the container at id $WM_JOB_ID:
90+
# pipe logs, monitor memory usage, kill container if job is cancelled.
91+
5992
msg="${1:-world}"
6093
61-
docker run --rm alpine /bin/echo "Hello $msg"
62-
```
94+
IMAGE="alpine:latest"
95+
COMMAND="/bin/echo Hello $msg"
6396
64-
`msg` is just a normal bash variable. It can be used to pass arguments to the script. This syntax is the standard bash one to assign default values to parameters.
97+
# ensure that the image is up-to-date
98+
docker pull $IMAGE
6599
100+
# if using the 'docker' mode, name it with $WM_JOB_ID for windmill to monitor it
101+
docker run --name $WM_JOB_ID -it -d $IMAGE $COMMAND
66102
```
67-
docker run --rm <image> <command>
68-
```
69-
70-
--rm is so that the container dispose itself after being executed. It helps unpollute the host.
71-
72-
The image is the docker image to run. It can be any image available on docker hub or any private registry. It can also be a local image.
73-
74-
The command is the command to run inside the container. It can be any command available in the image.
75-
76-
It is just a bash script so it will behave exactly the same as a local command or if running this as an ssh command on the host. As a consequence, you can use any strategy to cache docker images or handle authentication.
77-
78-
Do not use the daemon mode `-d` otherwise the script will immediately return while the container continue to run in the background. However, in some cases, that might be what you want.
79-
80-
Like any bash script, it will return the last line of the stdout. So be sure to print the return value from your command if you'd like to use it as a result.
81-
82-
As a script:
83-
84-
![script 1](./as_script.png.webp)
85-
86-
![script 2](./as_script2.png.webp)
87-
88-
As a flow step:
89103

90-
![flow step 1](./as_flow.png.webp)
91104

92-
![flow step 2](./as_flow2.png.webp)
105+
## Using remote container deamons (not recommended)
93106

94-
## Use with remote Docker daemon
107+
### Remote docker deamon (not recommended)
95108

96109
```bash
97110
#!/bin/bash
@@ -122,7 +135,7 @@ Hello
122135
+ exit 0
123136
```
124137

125-
## Kubernetes
138+
### As a kubernetes task (not recommended)
126139

127140
If you use kubernetes and would like to run your docker file directly on the kubernetes host, use the following script:
128141

0 commit comments

Comments
 (0)