~/theoboursy.fr/dockeronline

Mini-PaaS · Master 1 project

Docker Online

A self-service mini-PaaS. Users sign in, push an image, a Dockerfile or a compose file, and the platform deploys it on a remote Docker host, wires up Traefik routing and creates the DNS record, so the container is instantly live on its own subdomain.

s_docker.py the interesting bit

Deploy a container, get a live URL

A user submits an image name, a Dockerfile or a compose file. The Docker SDK builds and runs it on a remote host, then the container is tagged with Traefik labels so the reverse proxy routes traffic to it, and an OVH DNS record is created for its name.

Seconds later the app is reachable at <name>.dockeronline.ovh, with ports and volumes provisioned automatically. No manual proxy config, no manual DNS.

labels = {
  "traefik.enable": "true",
  "traefik.http.routers.NAME.rule":
      "Host(`NAME.dockeronline.ovh`)",
  "traefik.http.routers.NAME.entrypoints": "web",
}
docker · TLS

Docker SDK over TLS

The whole container lifecycle is driven through the Docker SDK for Python, talking to a remote daemon secured with client certificates. Pull, build, run, inspect, stream logs and remove, all from Django.

  • pull image
  • build Dockerfile
  • run compose
  • logs and errors
  • mTLS client certs
s_ovh.py

Traefik and OVH DNS

Each container gets a Traefik route through its labels and a matching A record on the OVH zone, created and deleted with the container. Every deployment lands on its own subdomain with no shared ports to juggle.

  • per-container subdomain
  • OVH API records
  • traefik-net
s_prometheus.py

Admin metrics

An admin dashboard queries Prometheus with PromQL for live CPU, RAM and disk gauges of the host. Django auth keeps user and admin areas apart, and the whole stack runs on Proxmox.

  • PromQL
  • CPU / RAM / disk
  • SQLite