Deploying Your First Web App to Tomcat on Docker (softwareyoga.com)
Deploying Your First Web App to Tomcat on Docker | Cprime
https://hub.docker.com/_/tomcat
docker run -p 8080:8080 -it --rm --name oms-monolith omsdocker image ls docker container ls -ahttps://awstip.com/docker-run-vs-cmd-vs-entrypoint-78ca2e5472bd
The three Dockerfile instructions RUN , CMD and ENTRYPOINT look similar and can easily cause confusions. Let’s discuss their differences in this article.
RUN executes commands and creates new image layers.CMD sets the command and its parameters to be executed by default after the container is started. However CMD can be replaced by docker run command line parameters.ENTRYPOINT configures the command to run when the container starts, similar to CMD from a functionality perspective.We can specify the command to be run by RUN, CMD and ENTRYPOINT in two ways: Shell format and Exec format, which have subtle differences in usage.
Shell format has the following form:
<instruction> <command>For example:
RUN apt-get install python3CMD echo "Hello world"ENTRYPOINT echo "Hello world"
When the command is executed, the bottom layer of the shell format will call /bin/sh -c <command>. When you run commands in Shell format, the environment variable that defined in ENV command will be inherited.
ENV name Cloud ManENTRYPOINT echo "Hello, $name"# Output
Hello, Cloud Man
Exec format has the following form:
<instruction> ["executable", "param1", "param2", ...]For example:
RUN ["apt-get", "install", "python3"]CMD ["/bin/echo", "Hello world"]ENTRYPOINT ["/bin/echo", "Hello world"]
When the command is executed, <command> will be called directly and will not be parsed by the shell. The environment variable that defined in ENV will not be passed as well.
ENV name Cloud ManENTRYPOINT ["/bin/echo", "Hello, $name"]# Output
Hello, $name
The Exec format is recommended for CMD and ENTRYPOINT because the instructions are more readable and easier to understand. RUN then both formats are fine.
The RUN command is typically used to install applications and software packages.
RUN executes the command on top of the current image, and by creating a new image layer. Dockerfile often contains multiple RUN instructions.
The CMD directive allows user to specify the default command executed by the container. This command runs when the container starts and no other command is specified for docker run .
CMD will be ignored.CMD instructions in the Dockerfile, only the last CMD is valid.CMD has three formats:
CMD [“executable”,”param1",”param2"]CMD [“param1”, ”param2"], this format is used in combination of ENTRYPOINT , to provide extra parametersCMD command param1 param2Exec format is recommended as it provides better readbility.
The ENTRYPOINT directive allows the container to run as an application or service.
ENTRYPOINT looks similar to CMD in that both specify the command to execute and its parameters. The difference is that ENTRYPOINT will not be ignored and will be executed, even if other commands are specified when running docker run.
ENTRYPOINT has two formats:
ENTRYPOINT [“executable”, “param1”, “param2”] This is the recommended format for ENTRYPOINT.ENTRYPOINT command param1 param2The parameters in ENTRYPOINT are always used, while the extra parameters of CMD can be dynamically replaced when the container starts. For example:
ENTRYPOINT ["/bin/echo", "Hello"]CMD ["world"]# Output
Hello world
Note the shell format of ENTRYPOINT ignores any arguments provided by CMD or docker run.
FROM busyboxENTRYPOINT echo helloCMD world# Output
hello
RUN command to install applications and packages, and build images.MySQL, the ENTRYPOINT command in the Exec format should be used in preference. CMD can provide additional default parameters for ENTRYPOINT, and the default parameters can be replaced by the docker run command line.CMD command. Users can override this default command in the docker run command line.Assume an IAM role using the AWS CLI (amazon.com)
Authenticating to AWS with Environment Variables | by Yevgeniy Brikman | Gruntwork
amazon web services - bash script for AWS assume-role - Stack Overflow
aws sts get-caller-identity
aws sts assume-role --role-arn "arn:aws:iam::123456789012:role/example-role" --role-session-name AWSCLI-Session
export AWS_ACCESS_KEY_ID=RoleAccessKeyID export AWS_SECRET_ACCESS_KEY=RoleSecretKey export AWS_SESSION_TOKEN=RoleSessionToken
aws sts get-caller-identity
unset AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN aws sts get-caller-identity
-------------------------------------------------------------------------------
Next, you call aws sts assume-role, passing it the ARN of the IAM Role you want to assume, plus a “role session name” that can be used to tell who is assuming the IAM Role and why (as the same IAM Role may be assumed by may different users):
aws sts assume-role \
--role-arn arn:aws:iam::123456789012:role/dev-full-access \
--role-session-name username@company.comThis will return a blob of JSON that contains Temporary Access Keys:
{
"Credentials": {
"SecretAccessKey": "secret-access-key",
"SessionToken": "temporary-session-token",
"Expiration": "expiration-date-time",
"AccessKeyId": "access-key-id"
}
}You must now set these Temporary Access Keys as environment variables, overriding the old environment variables:
export AWS_ACCESS_KEY_ID=<Access-key-from-output>
export AWS_SECRET_ACCESS_KEY=<Secret-access-key-from-output>
export AWS_SESSION_TOKEN=<Session-Token-from-output>