Production vs Development Docker setup for Node (Express & Mongo) App

8
votes

I'm attempting to convert a Node app to using Docker but running into a few issues/questions I'm unable to answer.

But for simplicity I've included some very basic example files to keep the question on target. In fact the example below merely links to a Mongo container but doesn't use it in the code to keep it even simpler.

Primarily, what Dockerfile and docker-compose.yml setup is required to successfully use Docker on a Node + Express + Mongo app on both local (OS X) development and for Production builds?

Dockerfile

FROM node:6.3.0

# Create new user to avoid using root - is this correct practise?
RUN useradd --user-group --create-home --shell /bin/false app

COPY package.json /home/app/code/
RUN chown -R app:app /home/app/*

USER app
WORKDIR /home/app/code
# Should this even be set here or use docker-compose instead?
# And should there be:
#  - docker-compose.yml setting it to production by default
#  - docker-compose.dev.yml setting it to production?
# Or reverse it? (docker-compose.prod.yml instead with default being development?)
# Commenting below out or it will always run as production
#ENV NODE_ENV production
RUN npm install

USER root
COPY . /home/app/code
# Running chown to ensure new 'app' user owns files
RUN chown -R app:app /home/app/*
USER app

EXPOSE 3000

# What CMD should be here to ensure development versus production is simple?
# Development - Restart server and refresh browser on file changes
# Production  - Ensure uptime. 
CMD ["npm", "start"]

docker-compose.yml

version: "2"
services:
  web:
    build: .
    # I would normally use a .env file but for this example will set explicitly
    # env_file: .env
    environment:
      - NODE_ENV=production
    volumes:
      - ./:/home/app/code
      - /home/app/code/node_modules
    ports:
      - "3000:3000"
    links:
      - mongo
  mongo:
    image: mongo
    ports:
      - "27017:27017"

docker-compose.dev.yml

version: "2"
services:
  web:
    # I would normally use a .env file but for this example will set explicitly
    # env_file: .env
    environment:
      - NODE_ENV=development

package.json

{
  "name": "docker-node-test",
  "version": "1.0.0",
  "description": "",
  "main": "app.js",
  "scripts": {
    "start": "nodemon app.js"
  },
  "dependencies": {
    "express": "^4.14.0",
    "mongoose": "^4.6.1",
    "nodemon": "^1.10.2"
  },
  "devDependencies": {
    "mocha": "^3.0.2"
  }
}

1. How to handle the different NODE_ENV (dev, production, staging)?

This is my primary question and conundrum.

In the example I’ve used the NODE_ENV is set in the Dockerfile as production and there are two docker-compose files:

  • docker-compose.yml sets the defaults include NODE_ENV to production
  • docker-compose.dev.yml overrides the NODE_ENV and sets it to development

1.1. Is it advised to rather switch that order around and have development settings as the default and instead use a docker-compose.prod.yml for overrides?

1.2. How do you handle the node_modules directory?

I'm really not sure how to handle the node_modules directory at all between local development needs and then running for Production. (Perhaps I have a fundamental misunderstanding though?)

Edit:

I added a .dockerignore file and included the node_modules directory as a line. This ensures the node_modules dir is ignored during the copy, etc.

I then edited the docker-compose.yml to include the node_modules as a volume.

volumes:
  - ./:/home/app/code
  - /home/app/code/node_modules

I have also put the above change into the full docker-compose.yml at the start of the question for completeness.

Is this even a solution?

Doing the above ensured I could have my local development npm install included dev-dependencies. And when running docker-compose up it pulls in the production only node modules inside the Docker container (since the default docker-compose.yml is set to NODE_ENV=production).

But it seems the NODE_ENV set inside the 2 docker-compose files aren't taken into account when running docker-compose -f docker-compose.yml build :/ I expected it to send NODE_ENV=production but ALL of the node_modules are re-installed (including the dev-dependencies).

Do we instead use 2 Dockerfiles? (Dockerfile for Prod; Dockerfile.dev for local development)

(I feel like that is a fundamental piece of logic/knowledge I am missing in the setup)

2. Nodemon vs PM2

How would one use nodemon on the local development machine but PM2 on the Production build?

3. Should you create a user inside the docker containers and then set that user to be used in the Dockerfile?

It uses root user by default but I’ve not seen many articles talking about creating a dedicated user within the container. Am I correct in what I’ve done for security? I certainly wouldn’t feel comfortable running an app as root on a non-Docker build.

Thank you for reading. Any and all assistance appreciated :)

1
node.jsdocker

1 Answers

0
votes

    1. Either, it doesn't matter too much, I prefer to have development details then overwrite with production details.

    2. I don't commit them to my repo, then I have "npm install" in my dockerfile.

  2. You can set rules in the dockerfile to which one to build based on build settings.

  3. It is typical to build everything via root, and run the main program via root. You can set up other users, but for most uses it is not needed as the idea of docker containers is to isolate each process in individual docker containers.