Turns out I never really made a public announcement of the docker work I've been doing lately!
If you need a new application deployed in our infrastructure, the best way is to leverage docker-compose:
You will need to create a docker-compose file, with all the secrets configurable by
From there, we'll encrypt the secrets and we'll create a fully automated docker host using terraform and ansible (not yet public). You have the option to configure persistent docker volumes which will be kept between container restarts.
There are two ways of deploying new versions of your docker images: asynchronously from dockerhub pushes, or synchronously from Bamboo.
In order to deploy docker-compose changes, I need to run ansible on that host.
The default docker host will come with datadog monitoring, firewall, docker, docker compose, nginx with letsencrypt (https).
We've been deploying quite a few applications now, allowing our host to be incredibly uniform! And developers can actively collaborate with infra team in order to deploy a new application.