Hi,
I’m testing an idea where everything is based on Docker containers. A Next.js app runs in Docker and starts and manages multiple Node-RED containers. The whole setup is meant to work only inside a local network.
At the moment, everything is fully based on Docker. I store user information and permissions (admin, user) in a database.
Does this approach make sense in practice, and what would you recommend focusing on early to avoid issues later?
A lot depends on what level of security and privacy you want to implement and what level of control over each instance you want to give the user(s) of that instance.
Also, are you giving people just access to the container? Is the IdM at the container level or the Node-RED level?
Personally, I would implement and reverse proxy to front-end everything. I would also use that to control identity and access management - probably by using a related IdM tool. The proxy would take care of the outward facing naming of your instances giving you lots of options for using domain names, sub-domains, URL paths. It would also enable appropriate scaling should your service need it. And it would make logging and security management more robust.
I'm not a strong advocate of Docker for node.js microservices though and so not an expert by any means. As I say, there are a lot of variables to take into consideration.
You might also need to think about updates - not node-red updates but other fast-moving updates. That includes node.js as well as any contributed nodes you want to allow your instances to access.
Copyright OpenJS Foundation and Node-RED contributors. All rights reserved. The OpenJS Foundation has registered trademarks and uses trademarks. For a list of trademarks of the OpenJS Foundation, please see our Trademark Policy and Trademark List. Trademarks and logos not indicated on the list of OpenJS Foundation trademarks are trademarks™ or registered® trademarks of their respective holders. Use of them does not imply any affiliation with or endorsement by them.
The OpenJS Foundation | Terms of Use | Privacy Policy | OpenJS Foundation Bylaws | Trademark Policy | Trademark List | Cookie Policy