DEV Community

Kay Gosho
Kay Gosho

Posted on

I would like to create Docker based PaaS. How do you think?

What is this

It is said that "Sell Before You Build", so I would like to hear you about my prototype.

This is just a demo image, but you can find what the point is.

image

docker-run.com

https://docker-run.com

docker-run.com enables you to run your Docker Containers in production. All you have to do is fill the url of your Docker image.

Why

We all know Docker in production environment is great. Stateless deployment, shared environment in both development and production, and more. However, we have to do a lot of work when we manage our containers in production, such as Blue-Green deployment, Containers health check, and learn Kubernates. Do you imagine if we can run Docker Containers just by telling the url of your Docker image?

  • No need to create Fargate instance
  • No need to learn Kubernates
  • No need to write deploy script
  • No need to care about scalability
  • No need to set up your certificates

Yes, docker-run.com is here: A new and better way to run Docker containers in production.

Possible alternatives:

How to use

As you can see the above demo, all you have to do is input your docker image url. docker-run.com creates an unique domain for your application.

Deploy? It is quite easy, no need to install any tools:

curl -XPOST -H 'Authorization: YOUR_TOKEN' -d HOST/IMAGE:VERSION https://docker-run.com/APP_ID/renew
Enter fullscreen mode Exit fullscreen mode

And the Docker container will be renew without downtime.

Further information

https://github.com/acro5piano/docker-run.com

Currently docker-run.com is alpha. We will launch beta version by April 2019, so please watch us.

Discussion (21)

Collapse
markschaal profile image
Mark

I'd +1 the mentions of security and alignment towards k8. Docker containers do not isolate the kernel, which may prove catastrophic should a malicious container gain access. The market seems to be trending back towards microVM containers (see updates from Reinvent and KubeCon for Firecracker and Knative), so I'd recommend researching that perspective.

Other than that, you may need to look at how customers would deal with private image registries, and how auth fits into the picture to not become responsible/liable for breach potential.

Collapse
acro5piano profile image
Kay Gosho Author

Thank you for your opinion!
Yeah security is the biggest concern for this type of service.

I am thinking providing private image registries as a service like Amazon ECR. And any private registries, including hub.docker.com private image, should be used in the service.
More research is needed. Thanks!

Collapse
pbnj profile image
Peter Benjamin (he/they)

From a security perspective, how do you plan on preventing malicious containers or malicious behavior on your platform (e.g. crypto-currency miners, bot-nets ...etc)

Collapse
acro5piano profile image
Kay Gosho Author

Thank you for your perspective!
Currently I have no idea of how to keep security. Maybe I'll set the container instance's memory, demo instance running time, etc.

Collapse
zk profile image
zk

I think there's a market for this. The big 3's container services are still pricey for small operations. If you price it for the masses and make the backend highly-available, you will have a winner.

Collapse
acro5piano profile image
Kay Gosho Author

Thank you for your opinion!
Yes, they are a little pricey for MVP or early stage product.
I think I have still chance by simplifying UX and providing great DX with lower price, especially for start-ups.

Collapse
acro5piano profile image
Kay Gosho Author • Edited on

Update: I created the working demo!

docker-run.com/

That version does:

  • Remotely run docker pull and docker run
  • Automatically bind container's port to available host port
  • Register each domains and proxy requests to the container
  • Print Docker log with WebSocket

It is really great if you give me your feedbacks!

Note: I used TypeScript + Express + React and more.

Thanks!

Collapse
pojntfx profile image
Felix Pojtinger • Edited on

This but for k8s would have a lot of potential IMHO, see kubesail

Collapse
acro5piano profile image
Kay Gosho Author

Thank you for introducing the service!
I have signed up it, but unfortunately some errors happened so couldn't try it...

Collapse
pojntfx profile image
Felix Pojtinger

Yeah, kubesail is quite buggy. Basically it's a k8s namespace aaS, which is definitely the future IMHO.

Thread Thread
acro5piano profile image
Kay Gosho Author

Yeah k8s based PaaS is the future!

Collapse
elimisteve profile image
Steve Phillips

I think the idea is compelling, but not as a business; seems hard to monetize and to compete against Heroku and others.

Even though developers would find this useful, Jeff Lindsay made github.com/dokku/dokku (19,000+ GitHub stars) which already seems to do a great job of this.

Collapse
shunyamada profile image
shunyamada

Easy to develop, and actually I have some trouble in deploying on docker running. So helpful.

Collapse
acro5piano profile image
Kay Gosho Author

Thank you for your feedback!

Collapse
tyrotoxin profile image
Serge Semenov

I'll be the person who says no. There are might be some applications where it can be useful, but it's not going to sail far. Sorry, but I'm not disclosing details under some considerations.

Collapse
acro5piano profile image
Kay Gosho Author

Thank you for your opinion! I am really happy if you tell me why you think so :)

Collapse
gabrielcalderon profile image
Gabriel Calderon

This is awesome! Now.sh no longer supports Docker deployments, they only do Serverless Lambda functions now.

Collapse
acro5piano profile image
Kay Gosho Author

Yeah, now.sh changed their system in 2.0...
I loved the simplicity, just Dockerfile deploy. However, I assume that Zeit made that decision for some reasons. I'll try to find it.

Collapse
imthedeveloper profile image
ImTheDeveloper

I like the idea and I like the simplicity. I assume you just deploy and a unique id is used as a subdomain for the container with traefik discovery?

Keep going!

Collapse
acro5piano profile image
Kay Gosho Author

Thanks!

I assume you just deploy and a unique id is used as a subdomain for the container with traefik discovery?

Yes, in my plan YOUR_APP_ID.dockerrun.com will be given to each users, and enables to set your custom domains if you want :)
YOUR_APP_ID.dockerrun.com is enough if you serve your app via SPA or native apps in many situations!

Collapse
im1 profile image
IM1

Apologies if I am missing something obvious, how would it scale up and down?