I’ve created a new Docker base image for use by Meteor apps:
This image both caches Meteor and also produces a final image that’s minimal in size, running on Node Alpine, thanks to a multistage Dockerfile. You might want to use this base because:
You can build/bundle your Meteor app as part of building your Docker image, rather than outside of Docker before the Docker build. This means the machine doing the building need not have Node or Meteor installed, which is important for continuous integration setups; and ensures repeatable builds, since the build environment is isolated and controlled.
Using a multistage
Dockerfileon your app’s side means that you can publish a much smaller final Docker image that doesn’t have Meteor included, and you can also use an Alpine Linux base which is good for passing security scans (as it presents much less surface area in which scanners might find vulnerabilities).
Why this image, instead of some others? There are several great Meteor Docker images out there. I built this one because none of the existing open source ones met my needs:
jshimko/meteor-launchpad is great, but it’s based on
debian:jessie, which fails the security scan my company runs on all of our Docker images. Debian is also larger than Alpine. This project also always downloads and installs Meteor on every production build, rather than caching it as this base image does.
meteor/galaxy-images and Treecom/meteor-alpine both require building the Meteor app in the host machine, before copying the built app into the Docker container. We wanted to avoid needing Node and Meteor installed on our CI servers, and we want the predictability of building within the Docker environment.
Other projects I looked at generally had one or more of the disadvantages cited above. Multistage Docker builds have only been possible since Docker 17.05, which came out in May 2017, and most projects on the Web were designed before then and therefore don’t take advantage of the possibilities offered by a multistage architecture.
Please let me know what you think, feedback and pull requests welcome!