-
Notifications
You must be signed in to change notification settings - Fork 35
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Defaults today expose 80/443 #112
Comments
The base |
@richlander has a proposal to make .NET containers 'rootless' by default, which would involve different ports, so we should be able to react to that as well. |
Linking to the implementation issue: #93 |
The key piece is making the images non-root capable. There are two main aspects of that:
Related: dotnet/dotnet-docker#3968 |
The port part is easy enough to do, and setting the container metadata for user/group is also straightforward (if for some reason that hasn't already been done in whatever base image the user chooses or has inferred for them). The gap with these SDK-generated containers will be actually creating the user and group on the running image - since we can't perform RUN commands we either
|
I think of |
I don't think expose is necessarily advanced - it's the only way for an image to programmatically declare its dependencies. It's something that we should do in order to build correct containers, which was one of the selling points for this feature set overall. It's also technically very easy to do - we're currently doing the parity-check you mention with ASPNETCORE_URLS @richlander in the targets - #113 just flows that already-computed data into the container config itself. |
Our samples don’t but the default container tools experience in VS do use expose as an FYI |
Agreed. Do you know of any service that honors |
If you use I can't find any matching mechanism (even in docker-compose) for performing this operation, though. |
Got it. I've never done that. That's more a dev scenario than a prod one. You an only do it once (concurrently) on a given machine. As a result, using it within I expect people use Anyway, it's fine if you add support for this (as long as it agrees with |
We removed port customization in favor of delegating that to the base image. The dotnet base images already handle setting ASPNETCORE_URLS to correct values, we don't need to reimplement that here. |
The default docker experience today exposes 80/443
Should we also make those the defaults in this experience?
The text was updated successfully, but these errors were encountered: