A general tunnel command:

1
2
3
4
5
6
7
8
9
10
11
12
13

ssh myuser@mysrv
  -L   8080:localhost:80  # tunnel local_port:target:target_port
  -L *:8080:localhost:80  # tunnel open to everyone who can connect to this machine
  -R   3380:localhost:80  # reverse tunnel port_on_mysrv:target:target_port
  -R *:3322:localhost:22  # reverse tunnel open to everyone who can connect to mysrv
  -q # quiet mode
  -f # go to background
  -n # redirects stdin from /dev/null
  -N # do not execute a remote command
  -T # disable pseudo-terminal allocation
  -M -S /path/to/socket # enable master mode via a shared socket
  -o UserKnownHostsFile=/dev/null # do not update known_hosts file
  -o StrictHostKeyChecking=no     # do no check the empty known_hosts file

Note: to allow the creation of reverse tunnels opened to everyone (0.0.0.0) you have to set this option:

1
2

# server configuration: /etc/ssh/sshd_config
GatewayPorts clientspecified

Scriptable tunnels

You can look for process IDs via pgrep/pkill:

1
2

ssh -fnNT ... mysrv          # start
pkill -f -QUIT 'ssh.*mysrv'  # stop

or better use master mode to avoid both grepping and any timing issues:

1
2
3

ssh -fNM -S /path/to/socket ... mysrv  # start
ssh -S /path/to/socket -O check        # check
ssh -S /path/to/socket -O exit mysrv   # stop

Auto-closing tunnels

SSH runs the specified command and then exits only if no one is using the tunnel:

1
2

ssh -f myusr@mysrv sleep 10  # start auto-closing tunnel
vncviewer 127.0.0.1::25901   # use the tunnel

Keep alive your connection

Keep alive the connection for 60 seconds, 1440 times (= 24 hours):

1
2
3
4

# client configuration: /etc/ssh/ssh_config | ~/.ssh/config
Host *
  ServerAliveInterval 60
  ServerAliveCountMax 1440

1
2
3

# server configuration: /etc/ssh/sshd_config
ClientAliveInterval 60
ClientAliveCountMax 1440

Test connectivity

1

ssh -o BatchMode=yes -o ConnectTimeout=3 myusr@mysrv exit && echo ok || echo ko

List active tunnels and ports

1

sudo lsof -i -n | egrep sshd

Port knocking

1
2
3
4
5
6
7

# -4=ip4, -z=scan, -n=no_dns_lookup, -u=UDP, -v=verbose, -w=timeout_seconds
nc -4znuv hostname_or_ip port1 port2 ...

# example using TCP and wait interval 
nc -4zw 1 myhost port1; sleep 1
nc -4zw 1 myhost port2; sleep 1
...

Source: Stackexchange - master mode, Patrickmn - keep alive, Stackoverflow - test, Superuser - list active tunnels

Ruby roadmap.sh

https://roadmap.sh/ruby

Recommend books: Ruby and software design

• Books I've finished, or am in the middle of:
  • Rails Scales! by Cristian Planas. I've been learning quite a lot from this one. Fair warning: it's a bunch of highly-specific topics.
  • The Well-Grounded Rubyist, 3rd Edition by David A. Black. The first edition of this book taught me ruby. It goes surprisingly deep, teaching from first principles instead of aiming to get people productive ASAP.
  • Programming Ruby 3.3 by Noel Rappin. The Pickaxe isn't just for beginners!
• Books I've collected on the topic but haven't yet read include:
  • Rebuilding Rails by Noah Gibbs
  • The Rails 8 Way by Dohmen et al.
  • Rails Way: ActiveRecord Deep Dive by Aadland et al.
  • The Ruby Way, 3rd Edition by Hal Fulton
  • Metaprogramming Ruby 2 by Paolo Perrotta
  • The Ruby Programming Language by David Flanagan and Yukihiro Matsumoto (Matz)
  • Polished Ruby Programming by Jeremy Evans
  • High Performance PostgreSQL with Rails by Andrew Atkinson
• Books I intend to read when they are published:
  • The second edition of Ruby Under a Microscope by Pat Shaughnessy
  • Building Progressive Web Apps with Rails by Dohmen et al.
  • The Well-Grounded Rubyist, 4th Edition by David A. Black
  • Programming Ruby 4 by Noel Rappin. Announced the day after I made this comment, so I added this line in an edit.
• Non-Rails books that are also relevant to mastering best practices and design principles:
  • The Practical Guide to Structured Systems Design, Second Edition by Meilir Page-Jones... maybe? This is notably not OOP and much of it is historical, but covers topics other books will expect you to know: modularity, coupling, cohesion, connascence, etc.
  • Object Design by Rebecca Wirfs-Brock. I have not been able to find a better coverage of OO fundamentals than this, even though it's been 20+ years.
  • Smalltalk Best Practice Patterns or Implementation Patterns by Kent Beck. They are nearly the same book. The former is Smalltalk (Ruby takes heavy influence from Smalltalk & Perl), the latter is Java (but written with a decade more experience).
  • Design Patterns by Gamma et al. Some of it is mostly irrelevant; blocks and Enumerable mean few Iterators, for example. Then again, maybe that is just another incarnation of Iterator. Some of it only seems irrelevant; Visitors seemed useless to me until I wanted to interact with some Prism-parsed ruby ASTs. Now they're invaluable.
  • Patterns of Enterprise Application Architecture by Martin Fowler. Rails is a Ruby implementation of a selection of these patterns. Even ActiveRecord was named and documented in this book for the first time as... Active Record.
  • SQL Antipatterns, Volume 1 by Bill Karwin. This covers important relational design gotchas and best practices, such as how to (and not to) represent tree structures. This is highly relevant for designing ActiveRecord models.
• Other books I would guess you'll enjoy:
  • Understanding Computation: From Simple Machines to Impossible Programs by Tom Stuart
  • Code, Second Edition by Charles Petzold
  • Strangely enough, Concurrent Programming in Java, Second Edition by Doug Lea is still supposed to be one of the best introductions to concurrency basics in any language. I haven't read it, though.

More comprehensive list of Ruby/Rails books

Most Ruby jobs in Europe and the Americas, you'll want to learn not just Ruby, but also how to develop competently with Rails. Rails development is web development, so in addition to Ruby I'd recommend you also learn HTML, CSS, and a little bit of JavaScript. Rails development is also information systems development, so I'd recommend you learn modeling and a little bit of SQL. And finally, Ruby and Rails both heavily lean into Object-Oriented Programming, so I'd recommend you learn Object-Oriented Analysis, Object-Oriented Design, Object-Oriented Programming, Refactoring, and Automated Tests.

Do you know what a class is? Do you know the difference between an Array and a Hash? If not, start with Learn to Program, Third Edition by Chris Pine. While you work through that, get your foundation in the web with Learning Web Design, Sixth Edition by Jennifer Robbins. You'll finish Pine before you finish Robbins, so start Programming Ruby 3.3 by Noel Rappin et al. while you finish Robbins. When you do, start reading SQL Queries for Mere Mortals, 4th Edition by John Viescas as you finish Rappin. (You'll notice I'm having you learn more than one skill at a time. This is by design, and is scientifically proven to be useful.) Take a breather your first Kent Beck masterpieces: Implementation Patterns (or maybe its doppelgänger, Smalltalk Best Practice Patterns) followed by Tidy First?. Then wrap it up with Developer Testing by Alexander Tarlinder followed by Test-Driven Development: By Example by Kent Beck.

When you arrive at this point, you'll have a really good foundation in programming (Ruby, Object-Oriented Programming), data modeling (SQL, relational database design), and web development (HTML, CSS, JavaScript). With those foundation skills in your noggin, it's time to assimilate them: a one-two(-three) punch of Agile Web Development with Rails 8 by Sam Ruby, followed by Active Rails by Kieran Andrews et al., followed by the Rails Guides ePub by the Rails community. I'm suggesting three beginner resources because it's a really wide framework, and multiple introductions are usually helpful. They each also teach in very different ways. Now go make stuff! But don't stop learning.

That's enough to get a few portfolio pieces (including automated tests) under your belt while you start looking for a junior developer job or an apprenticeship. Don't let your skills plateau here, though. You've just started, and a job in this industry means a lifetime of learning. Start learning Object-Oriented Analysis & Design by reading Fundamentals of Object-Oriented Design in UML by Meilir Page-Jones -- yes, it's old; no, that's not a problem. Follow it up with Smalltalk, Objects, and Design by Chamond Liu, then Refactoring: Improving the Design of Existing Code, 2nd Edition by Martin Fowler. After that, read the couldn't-disagree-more-with-each-other Object Thinking by David West and Object-Oriented Analysis and Design with Applications, 3rd Edition by Grady Booch et al.. Think critically about the differences in their approach, and pick a side.

While you're working through that OO track, get more breadth in web technology. Read JavaScript: The Definitive Guide, 7th Edition by David Flanagan, HTTP: The Definitive Guide by David Gourley et al., and then HTTP/2 In Action by Barry Pollard.

Once you've done both of those, swing back around to some advanced Ruby on Rails material. Read The Rails 8 Way by Obie Fernandez et al., then Modern Front-End Development for Rails, Second Edition by Noel Rappin. If you find yourself working for a company that would benefit from having a native iPhone/Android app, read Hotwire Native for Rails Developers by Joe Masilotti. If you find yourself working for a company with a lot of traffic & users, read Rails Scales! by Cristian Planas. If you find yourself working for a big company with a lot of enterprise data to model and a lot of programmers, read Component-Based Rails Applications by Stephan Hagemann.

With this much experience under your belt, it's time to swing back around and start learning some architecture. Read Design Patterns: Elements of Reusable Object-Oriented Software by Erich Gamma et al. concurrently with Design Patterns in Ruby by Russ Olsen. Then read Patterns of Enterprise Application Architecture by Martin Fowler, then Domain-Driven Design Distilled by Vaughn Vernon immediately followed by Domain-Driven Design by Eric Evans. Wrap it up with Clean Architecture: A Craftsman's Guide to Software Structure and Design by Robert C. Uncle Bob Martin.

Treat the official Ruby Docs like a book

If you're looking for free (and you're not new to programming), don't discount the official documentation!

1. README
2. What's Ruby
3. Ruby in Twenty Minutes, Pt. 1
4. Ruby in Twenty Minutes, Pt. 2
5. Ruby in Twenty Minutes, Pt. 3
6. Ruby in Twenty Minutes, Pt. 4
7. Keywords
8. Code Layout
9. Literals
10. Assignment
11. Control Expressions
12. Pattern matching
13. Methods
14. Calling Methods
15. Modules and Classes
16. Exception Handling
17. Precedence
18. Refinements
19. Miscellaneous Syntax
20. Comments
21. Operators
22. Implicit Conversions
23. Ruby Standard Library
24. From there, just start exploring the Pages, Classes, and Modules!
    • Pages to read: Pre-Defined Global Variables, Ruby Command-Line Options, OptionParser Tutorial, Ruby Security
    • Classes to read: Object, Numeric, String, Symbol, Data, Struct, Array, Set, Hash, IO, Proc, Regexp
    • More classes to read: Exception, ERB, Pathname, File, Dir, Tempfile, Date, Time, DateTime, Net::HTTP
    • Modules to read: Enumerable, Comparable, Open3, Singleton, URI, YAML, JSON, FileUtils, OpenURI
    • Cool pages: Ruby Box, Encodings, Format Specifications, Packed Data
    • Cool classes: Delegator, Enumerator, BasicObject, Class, NilClass, TrueClass, FalseClass, Method, TCPServer, TCPSocket, UDPSocket, UNIXServer, UNIXSocket,
    • Cool modules: Digest, SecureRandom, OpenSSL, Bundler, Prism, ObjectSpace, English, Shellwords, Marshal
    • Concurrency stuff: Ractor (page), Ractor (class), Fiber (page), Fiber (class), Thread, Thread::Queue, Thread::SizedQueue, Thread::Mutex, Thread::ConditionVariable, Contributor's Concurrency Guide

Plus, the following are free online:

• Programming Ruby, 1st Edition (The PickAxe) (book)
• Ruby Essentials (book)
• Ruby Programming (book)
• Learn Ruby with the EdgeCase Ruby Koans (exercises)
• Ruby on Exercism (exercises)
• Ruby on The Odin Project (online course)

Sources: index, books 1, book 2, official docs

Installation on debian

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25

# check system compatibility
modprobe configs # loads /proc/config.gz
wget -q -O - https://raw.githubusercontent.com/docker/docker/master/contrib/check-config.sh | \
  bash | tee docker-check.txt

# install docker: key, repo, packages
apt-get install apt-transport-https ca-certificates curl gnupg2 software-properties-common
curl -fsSL https://download.docker.com/linux/debian/gpg | apt-key add -

# amd64 - x64
echo "deb [arch=amd64] https://download.docker.com/linux/debian $(lsb_release -cs) stable" > /etc/apt/sources.list.d/docker-ce.list
# armhf - x32 / raspberry pi / raspbian
echo "deb [arch=armhf] https://download.docker.com/linux/raspbian $(lsb_release -cs) stable" > /etc/apt/sources.list.d/docker-ce.list

apt-get update && apt-get install docker-ce

# allow user to use docker
usermod -aG docker username

# test installation
docker version
docker info

# run a simple test image
docker run hello-world

See also post install for troubleshooting dns/network/remote access.

On raspberry pi just use curl -sSL https://get.docker.com | sh (repo not working).

Configure daemon

• change docker data folder location

1
2
3
4
5

mkdir -p        /path/to/data
chown root.root /path/to/data
chmod 711       /path/to/data
echo '{ "data-root": "/path/to/data" }' > /etc/docker/daemon.json
systemctl restart docker

• use better internal logging + rotation via local logging driver:

1

echo '{ "log-driver": "local" }' > /etc/docker/daemon.json

Creating an image (ref, best practices)

1
2
3
4
5
6
7
8
9
10
11
12

touch Dockerfile # and fill it
docker build -t test-myimg . # create the image with a tag

# test run image
docker run -p 4000:80    test-myimg
docker run -it test-myimg /bin/bash

# run image detached/on background
docker run -p 4000:80 -d --name tmi test-myimg
docker container ls -a
docker container stop <container_id>
docker container start -i tmi # restart container

Interact (ref)

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25

# run interactive shell into debian image (temporary)
docker run --name prova --rm -it debian /bin/bash 

# run interactive shell into debian image
docker run -it debian /bin/bash 

apt-get update

apt-get install -y dialog nano ncdu
apt-get install -y locales

localedef -i en_US -c -f UTF-8 -A /usr/share/locale/locale.alias en_US.UTF-8
echo "LANG=en_US.utf8" >> /etc/environment

rm -rf /var/lib/apt/lists/*

docker commit e2b7329257ba myimg:v1

docker run --rm -it myimg:v1 /bin/bash

# run a command in a running container
docker exec -ti a123098734e bash -il

docker stop a123098734e
docker kill a123098734e

Save & restore

1
2
3
4
5
6
7
8
9
10

# dump image
docker save imgname | gzip > imgname.tgz
zcat imgname.tgz | docker load

# dump container without starting it
docker create --name=mytemp imgname
docker export mytemp | gzip > imgname-container.tgz

# flatten image layers (losing Dockerfile) from a container
docker export <id> | docker import - imgname:tag

Registry - Image repository

1
2
3
4
5

# push image to gitlab registry
docker login registry.gitlab.com
docker tag test-myimg registry.gitlab.com/username/repo:tag # add new tag...
docker rmi test-myimg # ...and remove the old tag
docker push registry.gitlab.com/username/repo:tag

Tips

1
2
3

# remove untagged image -- https://stackoverflow.com/a/33913711/13231285
docker images --digests
docker image rm image-name@sha256:xxxxxxxxxxxxxxxxxxxxxxxxxx

DockerHub official base images links: debian, ruby, rails, redis, nginx.

Available free registry services:

Running arm image on x86

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17

# https://ownyourbits.com/2018/06/27/running-and-building-arm-docker-containers-in-x86/
apt-get install qemu-user-static

docker run \
  -v /usr/bin/qemu-arm-static:/usr/bin/qemu-arm-static \
  -e LANG=en_US.utf8 -ti --name myarmimg arm32v7/debian:wheezy

[...]

docker commit myarmimg myarmimg

docker container prune -f

docker run \
  -v /usr/bin/qemu-arm-static:/usr/bin/qemu-arm-static \
  -ti --rm --name myarmimg \
  myarmimg /bin/bash -il

Composer (ref, dl) - Services

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19

# docker-compose.yml
version: "3"
services:
  web:
    image: username/repo:tag
    deploy:
      replicas: 5
      resources:
        limits:
          cpus: "0.1"
          memory: 50M
      restart_policy:
        condition: on-failure
    ports:
      - "4000:80"
    networks:
      - webnet
networks:
  webnet:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21

# install docker-compose
curl -L  -o /usr/local/bin/docker-compose https://github.com/docker/compose/releases/download/1.24.0-rc1/docker-compose-`uname -s`-`uname -m`
chmod 755 /usr/local/bin/docker-compose

docker swarm init

docker stack deploy --with-registry-auth -c docker-compose.yml getstartedlab
docker service ls
docker service ps getstartedlab_web # or docker stack ps getstartedlab

# change the yml file and restart service
docker stack deploy --with-registry-auth -c docker-compose.yml getstartedlab
docker service ps getstartedlab_web
docker container prune -f

# stop & destroy service
docker stack rm getstartedlab
docker container prune -f

# leave the swarm
docker swarm leave --force

Machine (ref, dl) - SWARM/Provisioning

Remember to update the host firewall: open port 2376 and do not apply rate limits on port 22.

On the fish shell you can install the useful omf plugin-docker-machine to easily select the current machine.

Without an official supported driver we can use the generic one. Install docker-ce on your worker nodes and then in your swarm manager host:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61

# install docker-machine
curl -L -o /usr/local/bin/docker-machine https://github.com/docker/machine/releases/download/v0.16.1/docker-machine-`uname -s`-`uname -m`
chmod 755 /usr/local/bin/docker-machine

# setup each VMs (this creates and shares the certificates for a secure
# connetion between your client and the daemon runnig on the server)
ssh-copy-id -i ~/.ssh/id_rsa user@ww.xx.yy.zz
docker-machine create --driver generic --generic-ssh-key ~/.ssh/id_rsa \
  --generic-ip-address=ww.xx.yy.zz myvm1

ssh-copy-id -i ~/.ssh/id_rsa user@ww.xx.yy.kk
docker-machine create --driver generic --generic-ssh-key ~/.ssh/id_rsa \
  --generic-ip-address=ww.xx.yy.kk myvm2

docker-machine ls

# run a command via ssh in a VM
docker-machine ssh myvm1 "ls -l"                 # use internal SSH lib
docker-machine --native-ssh ssh myvm1 "bash -il" # use system SSH lib

# set env to run all docker commands remotely on a VM
eval $(docker-machine env myvm1) # on bash
docker-machine use myvm1         # on fish + omf plugin-docker-machine

# set VM1 to be a swarm manager
docker-machine use myvm1
docker swarm init # --advertise-addr ww.xx.yy.zz
docker swarm join-token worker # get token for adding worker nodes

# set VM2 to join the swarm as a worker
docker-machine use myvm2
docker swarm join --token SWMTKN-xxx ww.xx.yy.zz:2377

# check cluster status on your local machine...
docker-machine ls
# ...or on the manager node
docker-machine use myvm1
docker node ls

# locally login on your registry...
docker-machine unset
docker login registry.gitlab.com
# ...then deploy the app on the swarm manager
docker-machine use myvm1
docker stack deploy --with-registry-auth -c docker-compose.yml getstartedlab
docker service ls
docker service ps getstartedlab_web

# access cluster from any VM's IP
curl http://ww.xx.yy.zz:4000
curl http://ww.xx.yy.kk:4000

# eventually re-run "docker stack deploy ..." to apply changes

# undo app deployment
docker-machine use myvm1
docker stack rm getstartedlab

# remove the swarm
docker-machine ssh myvm2 "docker swarm leave"
docker-machine ssh myvm1 "docker swarm leave --force"

Stack / Deploy application

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42

# docker-compose.yml
version: "3"
services:
  web:
    image: username/repo:tag
    deploy:
      replicas: 5
      restart_policy:
        condition: on-failure
      resources:
        limits:
          cpus: "0.1"
          memory: 50M
    ports:
      - "80:80"
    networks:
      - webnet
  visualizer:
    image: dockersamples/visualizer:stable
    ports:
      - "8080:8080"
    volumes:
      - "/var/run/docker.sock:/var/run/docker.sock"
    deploy:
      placement:
        constraints: [node.role == manager]
    networks:
      - webnet
  redis:
    image: redis
    ports:
      - "6379:6379"
    volumes:
      - "/home/docker/data:/data"
    deploy:
      placement:
        constraints: [node.role == manager]
    command: redis-server --appendonly yes
    networks:
      - webnet
networks:
  webnet:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15

docker-machine use myvm1
docker-machine ssh myvm1 "mkdir ./data" # create redis data folder

# run stack / deploy app
docker stack deploy -c docker-compose.yml getstartedlab
docker stack ps getstartedlab

# show deployed services and restart one
docker service ls
docker service update --force getstartedlab_web

firefox http://<myvm1-ip>:8080/ # docker visualizer
redis-cli -h <myvm1-ip>         # interact with redis

docker stack rm getstartedlab

Init process to reap zombies and forward signals

• single process: tini (use docker run --init or init: true in docker-compose.yml)
• multiprocess: s6 and s6-overlay
• init systems comparison

SWARM managers

• traefik: github, hp
• portainer (formerly ui-for-docker)
• swarmpit
• dry (terminal gui, one man prj)
• guides, tips and hints at dockerswarm.rocks (also on github)

Container-Host user remapping

You can map container users to the host ones for greater security.

• put myuser:100000:65536 (start:length) in /etc/subuid and /etc/subgid, this defines the mapping id range 100000-165535 available to the host user myuser

• configure docker daemon to use the remapping specified for myuser:

  1 2	echo '{ "userns-remap": "myuser" }' > daemon.json systemctl restart docker

  note that all images will reside in a /var/lib/docker subfolder named after myuser ids

• now all your container user/group ids will be mapped to 100000+id on the host

You can write up to 5 ranges in sub* files for each user, in this example we set identical ids for users 0-999 and map ids >=1000 to id+1:

1
2

myuser:0:1000
myuser:1001:65536

UFW Firewall interactions

Docker bypasses UFW rules and published ports can be accessed from outside.

See a solution involving DOCKER-USER and ufw-user-forward/ufw-user-input chains.

Dockerizing Rails

• docker-rails-base -- preinstalled gems, multi stage, multi image, uses onbuild triggers
• dockerfile-rails -- Dockerfile extracted from Rails 7.1 by fly.io
• Kamal -- formerly MRSK, DHH solution, deploy web apps anywhere with zero downtime, guide posts

Share network with multiple stacks in swarm

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29

# swarm PROXY/BALANCER
networks:
  nginx: { external: true }
services:
  app: { image: nginx }

# swarm APP_FOO
networks:
  stackA:
  nginx: { external: true }
services:
  app:
    image: app_foo
    networks: { stackA:, nginx: }
  db:
    image: mysql
    networks: { stackA: }

# swarm APP_BAR
networks:
  stackB:
  nginx: { external: true }
services:
  app:
    image: app_bar
    networks: { stackB:, nginx: }
  db:
    image: postgres
    networks: { stackB: }

Terms:

• service = containers that only runs one/same image,
• task = a single container running in a service,
• swarm = a cluster of machines running Docker,
• stack = a group of interrelated services orchestrated and scalable, defining and coordinating the functionality of an entire application.

Source: install, install@raspi, tutorial, overview, manage app data, config. daemon, config. containers,

Source for user mapping: docker docs, jujens.eu, ilya-bystrov

Useful tips: cleanup, network host mode for nginx to get client real IP, limit ram/cpu usage, docker system prune -a -f to remove all cache files

See also: thread swarm gui, docker swarm rocks