#docker (2020-01)

Hi, I have Centos7 Jenkins Agent where I build my docker images. In Dockerfile I run yarn install and some packages are trying to create their directories under node-modules dir. I realized that SELinux is somehow preventing of doing so, because with SELinux enabled, I see permission denied error. When I disable SELinux, it works. I’m not an Centos/SeLinux expert - can you advise me how can I tune SELinux settings to fix that without disabling SeLinux?

@Daren has joined the channel

I am using Docker Swarm to orchestrate a couple of DigitalOcean machines. However, often those machines encounter OOM and crash, leading to Swarm failure (especially when the crashing machine is a Swarm manager). How do I effectively protect the Swarm against such issues? I assumed the Docker Swarm should have knowledge of the available memory on every Swarm member and prevent scheduling containers on machines that are running low on memory.

I realize that provisioning larger capacity than required (e.g. adding extra Swarm members) may mitigate to some degree, but the cost overhead is to be taken into account. Is there a more elegant solution that doesn’t involve over-povisioning infrastructure or catastrophic failure of the Swarm everytime we fail to predict accurately the sum of consumed memory by all running Docker containers in the Swarm (something that is fairly variable and hard to calculate in advance)?

@Dzhuneyt I’m not familiar with swarm in particular, but with kubernetes this is what the requests and limits are used for. Without a these, kubernetes cannot possibly know where it should schedule a container to ensure enough memory will be available when it’s needed. For the same reason, I think Swarm must have something analagous for this as well.

(also digital ocean has managed kubernetes - maybe “upgrade” )

https://pythonspeed.com/articles/alpine-docker-python/