Docker logo

We are pleased to announce the 3.0.0 release of the Commandbox Docker image.

This release offers a number of improvements and optimizations for runtime usage and usage in crafting custom images for deployments.

What's New in 3.0.0

New Features

  • Refactors container start to use a CommandBox-generated shell script. This reduces start times and removes the additional overhead of the java wrapper process to orchestrate the server
  • Add support for a new environment variable FINALIZE_STARTUP . When present, an authoritative startup script will be generated, which will be used on all subsequent starts of the container. See below for an example.
  • Adds support for _FILE suffixed environment variables. When an environment variable is provided with a _FILE suffix, the right-hand will be sourced in as an environment variable with the sans-suffix variable name ( e.g. REINIT_PASSWORD_FILE=/run/secrets/reinit_password sources in /run/secrets/reinit_password as the value of the REINIT_PASSWORD environment variable )
  • Additional support for multi-stage builds ( see below )
  • Adds new custom tags for pre-warmed Lucee builds: :lucee5.2.9 and :lucee-light

Improvements

  • Refactors the file and directory conventions to be user-agnostic. This allows for better support of USER environmental switching and better matches OS conventions ( i.e. Debian use of /usr/local and Alpine use of /usr
  • Changes the default CommandBox rewrite rules to deny access to hidden files and folders, along with common configuration files ( i.e. box.json, server.json )
  • Refactors HEADLESS environmental option in to startup script file, fixes and issue with implementation on Alpine Linux

Compatibility

Due to the change in directory path conventions within the image, v3.0.0 should be considered a breaking change, as existing builds which are not tagged to the version will need to be updated to the new locations. The new locations are ( on Debian ):

  • BIN_DIR - /usr/local/bin
  • LIB_DIR - /usr/local/lib
  • BUILD_DIR - $LIB_DIR/build
  • COMMANDBOX_HOME - $LIB_DIR/CommandBox
  • APP_DIR - unchanged - at /app

Runtime USER environment variables also now inherit group permissions and are added to the group runwar upon creation

Tags

See Commandbox on Docker Hub for a complete list of available tags.

  • :latest (Dockerfile) - Latest stable version
  • :commandbox-5.0.1 - Stable image tagged with the version of CommandBox used to build the image
  • :3.0.0 - Tagged version of the image
  • :snapshot - Development/BE version
  • :[tag]-snapshot - Development/BE version of a tagged variations (e.g. - :adobe2016-snapshot)
  • :jdk8 - Base image using OpenJDK8
  • :jdk11 - Base image using OpenJDK11
  • :alpine (Dockerfile) - Alpine Linux version of the image - slight decrease in overall size and optimizations for containerized runtimes
  • :[engine][version] - Containers with warmed-up engines - saves having to download the server WAR during container start: :lucee45(Dockerfile), :lucee5(Dockerfile), :adobe11(Dockerfile), :lucee5.2.9(Dockerfile), :lucee-light(Dockerfile), :adobe11(Dockerfile) ,:adobe2016(Dockerfile),:adobe2018(Dockerfile)
  • :[engine][version]-alpine - Alpine linux versions of the image with warmed-up engines: :lucee45-alpine(Dockerfile), :lucee5-alpine(Dockerfile), :lucee5.2.9-alpine(Dockerfile), :lucee-light-alpine(Dockerfile), :adobe11-alpine(Dockerfile) ,:adobe2016-alpine(Dockerfile),:adobe2018-alpine(Dockerfile)

Note: The :latest tag currently uses OpenJDK8, for compatibility with all CFML engines. The pre-seeded engines built using JDK11 - both Debian and Alpine base - are :lucee5, :lucee-light and adobe2018

Multi-Stage Builds

v3.0.0 allows you to create multi-stage builds which include only a shell script to start the server, the RunWar servlet container, and the application/engine. This build is finalized, however, so the startup script will bypass all environmental and server evaluation in favor of the variables provided in the generated shell script.

A finalized image reduces container startup times by up to 80% and reduces the final image size by up to 50%. Multi-stage builds are ideal for creating production images. The environment variable FINALIZE_STARTUP, when provided, will only generate the startup script. The script written is considered authoritative and will be used on the next container start.

To leverage this with a multi-stage build:

FROM ortussolutions/commandbox:lucee5 as workbench

# Generate the startup script only
ENV FINALIZE_STARTUP true
RUN $BUILD_DIR/run.sh

# Debian Slim is the smallest OpenJDK image on that kernel. For most apps, this should work to run your applications
FROM adoptopenjdk/openjdk11:debianslim-jre as app

# COPY our generated files
COPY --from=workbench /app /app
COPY --from=workbench /usr/local/lib/serverHome /usr/local/lib/serverHome

RUN mkdir -p /usr/local/lib/CommandBox/lib

COPY --from=workbench /usr/local/lib/CommandBox/lib/runwar-4.0.5.jar /usr/local/lib/CommandBox/lib/runwar-4.0.5.jar
COPY --from=workbench /usr/local/bin/startup-final.sh /usr/local/bin/run.sh

CMD /usr/local/bin/run.sh

With the above build, a Lucee 5.3.4 pre-warmed server comes online and begins serving traffic in 3.5-4 seconds, compared to the 7-10 seconds for the default start times ( when the start script is re-generated )

Single-Stage builds with script finalization

You may also use the FINALIZE_STARTUP environment variable in your CI/CD process to generate the finalized runtime script. A basic version of this, copying in your own appliction directory is as simple as:

FROM ortussolutions/commandbox:lucee5

COPY . /app

# Generate the finalized startup script and exit
RUN export FINALIZE_STARTUP=true;$BUILD_DIR/run.sh;unset FINALIZE_STARTUP

The finalized script will be written to $BIN_DIR/startup-final.sh . If this file is detected on container start, it is treated as authoritative and only environmental secrets will be expanded.

Go Forth and Build Cool Things!

v3.0.0 of the CommandBox Docker images represents the most significant opportunity for runtime performance and reducing production image sizes, since we first started building our images. We look forward to users leveraging the new finalization features to make their containerized applications even more flexible, scalable and - above all - blazing fast!