Docker containers

Using the State Tool you can easily embed an ActiveState language runtime inside a Docker container, and then use that runtime to run first party code. This is currently only available using Linux containers.

Below is a sample Dockerfile which will help you:

#Begin with a base image
FROM ubuntu

#SECTION 1: Install prerequisite utilities (will vary depending on base)
RUN apt-get update && apt-get install wget -y

#SECTION 2: Install the State Tool
ADD https://platform.activestate.com/dl/cli/d123/install.sh /install.sh
RUN sh /install.sh /opt/ActiveState && ln -s /opt/ActiveState/bin/state /usr/local/bin


#SECTION 3: Install your runtime from the AS Platform and make it the default
RUN state checkout ORG/PROJECT && state use ORG/PROJECT

#Section 4 [Optional]: Run your app

#Copy in your first party code
COPY main.py /main.py
#Use the State Tool to execute your code using the default runtime
CMD state exec python3 main.py
 
#Begin with a base image
FROM ubuntu

#SECTION 1: Install prerequisite utilities (will vary depending on base)
RUN apt-get update && apt-get install wget -y

#SECTION 2: Install the State Tool
ADD https://platform.activestate.com/dl/cli/d123/install.sh /install.sh
RUN sh /install.sh /opt/ActiveState && ln -s /opt/ActiveState/bin/state /usr/local/bin


#SECTION 3: Install your runtime from the AS Platform and make it the default
RUN --mount=type=secret,id=my_env . /run/secrets/my_env && export ACTIVESTATE_API_KEY && state checkout ORG/PROJECT && state use ORG/PROJECT

#Section 4 [Optional]: Run your app

#Copy in your first party code
COPY main.py /main.py
#Use the State Tool to execute your code using the default runtime
CMD state exec python3 main.py

After successfully embedding your ActiveState runtime into your Docker container, you can:


Section 1: Install prerequisite utilities

The example Dockerfile uses a base Ubuntu image, a CentOS example is included after. Start by modifying the Ubuntu base image and adding the utilities necessary for successful integration with ActiveState.

Ensure that your modified base image has the following non-system utilities in order to get the State Tool installed and working properly, as different base images will be missing different needed utilities.

  • Curl or wget
  • Tar or gzip
  • Sed

If your base image was CentOS instead of Ubuntu, Section 1 may look like the image below. You will need to customize Section 1 depending on which base image you use.

#Section 1 (CENTOS): Install prerequisite utilities
FROM centos
RUN sed -i 's/mirrorlist/#mirrorlist/g' /etc/yum.repos.d/CentOS-*
RUN sed -i 's|#baseurl=http://mirror.centos.org|baseurl=http://vault.centos.org|g' /etc/yum.repos.d/CentOS-*
RUN yum install ncurses -y && yum install file -y

Section 2: Install the State Tool

The steps to install the State Tool will be the same for all of the Linux distros. The commands shown in this section will download the State Tool installer script, execute it, and configure the State Tool with the correct permissions and symbolic links.

Section 3: Install your runtime

The installation method of your runtime will depend on whether your project is “Public” or “Private”.

Find your Dockerfile and replace ORG with the name of your organization on the ActiveState platform and PROJECT with the name of the ActiveState platform project containing your runtime. Ensure the project is configured to support the OS of the container. For example, using Ubuntu this will be Linux Glibc 2.28.

When installing a private project you will need to authenticate with the ActiveState Platform. It is important to not embed your API key into the built image, as it may expose sensitive information to unauthorized users. Instead, we will pass the API key to the State Tool using Docker Secrets at build time. Please note this approach will require that your Docker Engine is using the Build Kit.

  1. Install the State Tool on your local machine and run state auth
  2. Run the following command and copy the output for later use
    state export new-api-key MyNewKey
    
  3. Copy the key output in the previous step into a new file in the same folder as your Dockerfile and name it “.env
  4. Compose and save the file as shown below API key

After you have saved your .env file to the same folder as your Dockerfile, open your Dockerfile and replace ORG with the name of your organization on the ActiveState Platform and PROJECT with the name of the ActiveState Platform project containing your runtime. Ensure the project is configured to support the OS of the container. For example, using Ubuntu this will be Linux Glibc 2.28.

Section 4: (Optional): Run your app

To configure your image to run first-party code (for example main.py) using the Python runtime embedded in the image, copy in your first-party code and then run our Python program with

state exec python3 main.py

Building your image

Once you have prepared your Dockerfile, go to the directory of the Dockerfile and build an image using the command below (these commands are different for Public and Private projects).

docker build --no-cache -t as:latest . 
docker build --no-cache --secret id=my_env,src=.env -t as:latest . 

Run your container

You can now launch a container using the following command. The container will run, execute the CMD, and then exit.

docker run as:latest

Use your State Tool interactively in a container

To use the State Tool interactively in a container, spin one up using the image created previously and run it in interactive mode using the command below.

docker run -it as:latest /bin/bash

If you leave your container running you can reconnect to a new shell process by using the following command.

docker exec -it as:latest /bin/bash

Once you are connected to a container you will be able to execute State Tool commands including activating an ActiveState runtime.

This mode of operation can be helpful for development or in highly secure IT environments because the container environment is logically isolated from the rest of your machine and you will have root privileges. If the goal is to build an image solely for this use case you won’t need to install a runtime or any application code, Sections 3 and 4 from the example Dockerfile will not be necessary.

This mode of operation can be helpful for development or in highly secure IT environments because the container environment is logically isolated from the rest of your machine and you will have root privileges. If the goal is to build an image solely for this use case you won’t need to install a runtime or any application code, Sections 3 and 4 from the example Dockerfile will not be necessary.