This guide explains how to build and run sushCore using Docker.
docker build -t sush-core:latest .docker run -d \
--name sush-server \
-p 8443:8443 \
-p 8080:8080 \
sush-core:latest# Start basic server
docker-compose up -d sush-server
# Start bridge relay
docker-compose up -d sush-bridge
# View logs
docker-compose logs -f sush-server- Multi-stage build for minimal size
- Non-root user for security
- Health checks enabled
- Optimized layer caching
- Production-ready configuration
Build:
docker build -t sush-core:latest .- Includes development dependencies
- Development tools (vim, git)
- Suitable for debugging
Build:
docker build -f Dockerfile.dev -t sush-core:dev .PYTHONUNBUFFERED=1- Real-time log outputLOG_LEVEL=INFO- Logging level (DEBUG, INFO, WARNING, ERROR)PYTHONPATH=/app- Python module path
- 8443 - Main server port (default)
- 8080 - Alternative/HTTP port
- 443 - HTTPS port (bridge mode)
- 80 - HTTP port (bridge mode)
- 53 - DNS port (bridge mode, UDP)
Override the default command to use different modes:
# Basic server
docker run sush-core:latest python examples/server_example.py --mode basic
# Bridge relay
docker run sush-core:latest python examples/server_example.py --mode bridge
# Directory server
docker run sush-core:latest python examples/server_example.py --mode directory
# Performance mode
docker run sush-core:latest python examples/server_example.py --mode performance
# Monitoring mode
docker run sush-core:latest python examples/server_example.py --mode monitoring- Non-root user: Container runs as user
sush(UID 1000) - Minimal base image: Uses
python:3.11-slim - No unnecessary privileges: Dropped capabilities
- Read-only config: Config files mounted as read-only
- Health checks: Automatic container health monitoring
The container includes a health check that verifies the server is listening on port 8443:
# Check container health
docker ps
# Look for "healthy" status
# Inspect health check
docker inspect --format='{{.State.Health.Status}}' sush-serverMount configuration files:
docker run -v ./config:/app/config:ro sush-core:latestdocker logs sush-server
docker logs -f sush-server # Follow logsdocker exec -it sush-server bash
docker exec -it sush-server python -c "import sush; print(sush.__version__)"docker ps -a
docker inspect sush-serverdocker-compose build --no-cache sush-server
docker-compose up -d sush-serverdocker build \
--build-arg BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ') \
--build-arg VCS_REF=$(git rev-parse --short HEAD) \
--build-arg VERSION=1.2.0 \
-t sush-core:1.2.0 \
-t sush-core:latest \
.# docker-compose.yml
services:
sush-server:
deploy:
resources:
limits:
cpus: '2'
memory: 2G
reservations:
cpus: '1'
memory: 1G- Use specific tags: Avoid
latestin production - Scan images: Use
docker scanor Trivy for security - Monitor resources: Set appropriate limits
- Backup configs: Keep configuration files versioned
- Update regularly: Keep base images updated
docker run -it --rm \
-v $(pwd):/app \
-p 8443:8443 \
sush-core:dev \
python examples/server_example.py --mode basicdocker run -d \
--name sush-prod \
-p 8443:8443 \
-v ./config/production.conf:/app/config/server.conf:ro \
-e LOG_LEVEL=WARNING \
sush-core:1.2.0