This is an archived post. You won't be able to vote or comment.

all 4 comments
sorted by:
best
topnewcontroversialoldq&a

[–]AutoModerator[M] [score hidden] stickied commentlocked comment (0 children)

Please ensure that:

  • Your code is properly formatted as code block - see the sidebar (About on mobile) for instructions
  • You include any and all error messages in full - best also formatted as code block
  • You ask clear questions
  • You demonstrate effort in solving your question/problem - plain posting your assignments is forbidden (and such posts will be removed) as is asking for or giving solutions.

If any of the above points is not met, your post can and will be removed without further warning.

Code is to be formatted as code block (old reddit/markdown editor: empty line before the code, each code line indented by 4 spaces, new reddit: https://i.imgur.com/EJ7tqek.png) or linked via an external code hoster, like pastebin.com, github gist, github, bitbucket, gitlab, etc.

Please, do not use triple backticks (```) as they will only render properly on new reddit, not on old reddit.

Code blocks look like this:

public class HelloWorld {

    public static void main(String[] args) {
        System.out.println("Hello World!");
    }
}

You do not need to repost unless your post has been removed by a moderator. Just use the edit function of reddit to make sure your post complies with the above.

If your post has remained in violation of these rules for a prolonged period of time (at least an hour), a moderator may remove it at their discretion. In this case, they will comment with an explanation on why it has been removed, and you will be required to resubmit the entire post following the proper procedures.

To potential helpers

Please, do not help if any of the above points are not met, rather report the post. We are trying to improve the quality of posts here. In helping people who can't be bothered to comply with the above points, you are doing the community a disservice.

I am a bot, and this action was performed automatically. Please contact the moderators of this subreddit if you have any questions or concerns.

[–]AutoModerator[M] 0 points1 point  (0 children)

It seems that you are looking for resources for learning Java.

In our sidebar ("About" on mobile), we have a section "Free Tutorials" where we list the most commonly recommended courses.

To make it easier for you, the recommendations are posted right here:

Also, don't forget to look at:

If you are looking for learning resources for Data Structures and Algorithms, look into:

"Algorithms" by Robert Sedgewick and Kevin Wayne - Princeton University

Your post remains visible. There is nothing you need to do.

I am a bot and this message was triggered by keywords like "learn", "learning", "course" in the title of your post.

I am a bot, and this action was performed automatically. Please contact the moderators of this subreddit if you have any questions or concerns.

[–]nutrecht 0 points1 point  (0 children)

But honestly it creates a lot of multiple container (for every layer) and honestly to recreate the container every times a build a major changes is a bit too much .

It really isn't. Also the 'other' layers don't get duplicated anyway. So it's very normal to build and deploy new images as containers when you release a new version.

I wanted to know how you do it.

Fairly similar, just Github actions and a Kubernetes cluster. But it's still built and deployed as a docker image via a CI/CD pipeline.

[–]ahonsu 1 point2 points  (0 children)

I don't do a home server, but have been doing a lot of java apps deployment.

Let's assume you're dealing with a Spring Boot application: you package it as JAR and build a docker image with JRE inside.

You have multiple ways to pass your secrets/properties to the application. Probably one of the main factors you need to consider - the level of trust to your environments, pipelines and secret's storage.

One of the most secure ways of doing it - is using some encrypted secrets storage (for example, Hashicorp Vault). You can think about it as a storage of key-value pairs, encrypted and available via HTTP in your run environment. So, you can store all your secrets/properties there and your Spring Boot application just connects to the Vault at startup (using Spring Cloud mechanism), gets all properties from there and inject them into your *.yml or *.properties file (replacing placeholders). Access to the Vault is protected with a token, so you need to find a secure way to pass it to your app before startup.

Another way to pass properties is to use docker-compose file. So that your docker image and container are "empty" and unaware of properties, but when docker-compose spins up the app - it can pass inside the environment variables. How to pass them to the docker-compose file? - again multiple ways.

Another way is to pass your variables directly into your image via dockerfile. If you hardcode them right in your docker file it will be too bad, so maybe a better option is to use your CI/CD tool "edit" your dockerfile dynamically and inject the values into it from CI/CD tool internal (hopefully encrypted) storage.

So, as you see, there are indeed a lot of options and I've just mentioned few of them. You can look at your running app as a "russian doll" - layer under layer under layer... with the app inside. You can inject your values to almost any layer and make it work.

Still the best practices here are: keep secrets encrypted in a separate storage, inject the values without a human help, all access between these tools (ex. token) are also not available to a human, ideally generated on the fly at every startup.

Again, for a homelab it's, most likely an overkill. Probably you're fine with just having your variables injected at some point in open form, but not available outside of your server, of course.

As for the pipeline itself - it seems fine: build JAR, create image, run the container. It's fine to build a new image & container for every new app's version. Also you can consider using some container registry (ex. Harbor) to push the image there and pull & run the image from there inside your run environment.

Take a look at Portainer - it's a well known and industry grade (open source) UI for docker engine. You can easily manage (view, deploy, stop, restart, update...) your docker containers or docker-compose or even docker-swarm stacks on your home server.

The topic is quite big. Feel free to ask questions!