1

I have a classical web application (CRM tool) which requires nginx, python (flask), postgresql and redis to work.

I plan to sell this application to different companies and host them on my powerful dedicated server and I plan to use Docker to quickly create the instance for the new company.

One of the goals that I want to achieve is protecting clients from Ddos attacks, for example, if one of the clients is under attack, this should not hurt other users. I also want to be able to easily scale the application (or just transfer it to a separate server) if it creates too much load.

Should I run a separate container of the web server, database and cache for each copy of the application? Will it create too much overhead? Is there any more, more optimal way to ensure reliability and isolation?

Thanks in advance.

Buzz Fizz
  • 11
  • 2
  • Since Docker really only partitions your server at the file system, you will still have excessive CPU or memory usage from one Docker image affecting the other running instances. You probably need a different virtualization technology if you want to isolate them in terms of CPU and memory usage. – Jason K. Apr 01 '17 at 17:59
  • @Jason that's not entirely true, docker can limit CPU and memory usage of containers. – jordanm Apr 02 '17 at 00:22
  • I stand corrected. This functionality seems to be relatively new (based on a quick view of the change log), mentioned in 1.12 and updated in 1.13. – Jason K. Apr 02 '17 at 01:48

0 Answers0