In this article, we'll walk through the complete process of working with rootless in a server environment. Understanding docker is essential for maintaining a reliable and performant infrastructure.
Prerequisites
- A registered domain name (for public-facing services)
- Root or sudo access to the server
- A VPS running Ubuntu 22.04 or later (2GB+ RAM recommended)
Creating the Docker Compose File
For production deployments, consider implementing high availability by running multiple instances behind a load balancer. This approach provides both redundancy and improved performance under heavy load.
# docker-compose.yml
version: '3.8'
services:
app:
image: rootless:latest
restart: unless-stopped
ports:
- "8080:8080"
volumes:
- app_data:/data
environment:
- NODE_ENV=production
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:8080/health"]
interval: 30s
timeout: 10s
retries: 3
volumes:
app_data:
The output should show the service running without errors. If you see any warning messages, address them before proceeding to the next step.
Building the Container Image
When scaling this setup, consider vertical scaling (adding more RAM/CPU) first, as it's simpler to implement. Horizontal scaling adds complexity but may be necessary for high-traffic applications.
# Multi-stage Dockerfile
FROM node:20-alpine AS builder
WORKDIR /app
COPY package*.json ./
RUN npm ci --only=production
COPY . .
RUN npm run build
FROM node:20-alpine
WORKDIR /app
COPY --from=builder /app/dist ./dist
COPY --from=builder /app/node_modules ./node_modules
EXPOSE 3000
CMD ["node", "dist/index.js"]
Make sure to restart the service after applying these changes. Some settings require a full restart rather than a reload to take effect.
Configuring Volumes and Networks
Security should be a primary consideration when configuring rootless. Always use strong passwords, keep software updated, and restrict network access to only the necessary ports and IP addresses.
# Container management commands
docker compose up -d
docker compose logs -f app
docker compose exec app sh
docker system prune -af --volumes # Caution: removes unused data
This configuration provides a good balance between performance and resource usage. For high-traffic scenarios, you may need to increase the limits further.
Common Issues and Solutions
- High memory usage: Review the configuration for memory-related settings. Reduce worker counts or buffer sizes if running on a low-RAM VPS.
- Connection timeout: Verify your firewall rules allow traffic on the required ports. Use
ss -tlnpto confirm the service is listening on the expected port. - Permission denied errors: Ensure files and directories have the correct ownership. Use
chown -Rto fix ownership andchmodfor permissions.
Wrapping Up
Following this guide, your rootless setup should be production-ready. Keep an eye on resource usage as your traffic grows and don't forget to test your backup and recovery procedures periodically.