150 lines
7.0 KiB
Markdown
150 lines
7.0 KiB
Markdown
# Technology Stack
|
|
|
|
**Project:** Laboratori Cloud - Corso Soluzioni Cloud
|
|
**Researched:** 2026-03-24
|
|
**Overall confidence:** HIGH
|
|
|
|
## Recommended Stack
|
|
|
|
### Core Framework
|
|
|
|
| Technology | Version | Purpose | Why |
|
|
|------------|---------|---------|-----|
|
|
| Docker Engine | 28.0+ | Orchestrazione container | Standard mercato, isolamento nativo, supporto rootless per sicurezza |
|
|
| Docker Compose | V2.36.2+ | Definizione multi-container | Sintassi declarativa, gestione reti/volumi nativa, integrazione con Docker Engine v28 |
|
|
|
|
### Database
|
|
|
|
| Technology | Version | Purpose | Why |
|
|
|------------|---------|---------|-----|
|
|
| PostgreSQL | 18.x | Database relazionale | Simula RDS/Aurora, open-source standard, supporto ACID completo |
|
|
| MySQL | 9.x | Database relazionale (alternativa) | Simula RDS MySQL, popolare in produzione, compatibilità ampia |
|
|
|
|
### Storage
|
|
|
|
| Technology | Version | Purpose | Why |
|
|
|------------|---------|---------|-----|
|
|
| Docker Volumes | Native | Block storage persistente | Simula EBS, sopravvive a container restart, gestione nativa |
|
|
| MinIO | RELEASE.2025-05-24T17-08-30Z | Object storage S3-compatible | Compatibilità 100% API S3, leggero per locale, CLI identica ad AWS |
|
|
|
|
### Networking
|
|
|
|
| Technology | Version | Purpose | Why |
|
|
|------------|---------|---------|-----|
|
|
| Docker Bridge Networks | Native | Isolamento reti locali | Simulano VPC/Subnets, isolamento kernel-level, supporto iptables |
|
|
| iptables | Linux standard | NAT e firewall rules | Simula NAT Gateway, Security Groups, controllo granulare traffico |
|
|
|
|
### Supporting Libraries
|
|
|
|
| Library | Version | Purpose | When to Use |
|
|
|---------|---------|---------|-------------|
|
|
| docker-compose-test | N/A | Validazione configurazioni | Verifica sintassi compose PRIMA dell'esecuzione |
|
|
| netcat-openbsd | 1.219+ | Diagnostica porte | Test connettività tra container, verifica firewall rules |
|
|
| curl | 8.x+ | HTTP/HTTPS testing | Validate web server endpoints, API calls |
|
|
| pg_isready | PostgreSQL bundled | Health check database | Verifica che DB sia pronto prima di connessioni |
|
|
| nmap | 7.9x+ | Port scanning avanzato | Verifica isolamento reti, security group simulation |
|
|
|
|
## Development Tools
|
|
|
|
| Tool | Purpose | Notes |
|
|
|------|---------|-------|
|
|
| docker-compose config | Validazione YAML | Esegue check sintassi espandendo variabili |
|
|
| docker network inspect | Debug reti | Mostra container connessi, IP allocation |
|
|
| docker stats | Monitor risorse | Verifica limiti CPU/memoria in tempo reale |
|
|
| iptables -L -n -v | Debug firewall | Mostra regole NAT/forward attive |
|
|
|
|
## Installation
|
|
|
|
```bash
|
|
# Core (Docker Engine + Compose V2 su Debian/Ubuntu)
|
|
curl -fsSL https://get.docker.com -o get-docker.sh
|
|
sudo sh get-docker.sh
|
|
|
|
# Verifica versioni
|
|
docker --version # Docker Engine 28.0+
|
|
docker compose version # V2.36.2+
|
|
|
|
# Utility di rete (Debian/Ubuntu)
|
|
sudo apt-get update
|
|
sudo apt-get install -y netcat-openbsd curl nmap iproute2
|
|
|
|
# PostgreSQL client (per connessioni da host)
|
|
sudo apt-get install -y postgresql-client
|
|
|
|
# MinIO client (mc) - opzionale ma consigliato per lab S3
|
|
curl https://dl.min.io/client/mc/release/linux-amd64/mc \
|
|
--create-dirs -o $HOME/minio-binaries/mc
|
|
chmod +x $HOME/minio-binaries/mc
|
|
export PATH=$PATH:$HOME/minio-binaries
|
|
```
|
|
|
|
## Alternatives Considered
|
|
|
|
| Category | Recommended | Alternative | Why Not |
|
|
|----------|-------------|-------------|---------|
|
|
| Container orchestration | Docker Compose V2 | Kubernetes | Eccessiva complessità per lab locale, setup oneroso |
|
|
| Object storage | MinIO | LocalStack | LocalStack simula TUTTO AWS ma pesante, lento, richiede Java |
|
|
| Database | PostgreSQL | MongoDB | NoSQL non standard per lab base, SQL più didattico |
|
|
| Network isolation | Docker Bridge | Docker Overlay | Overlay per swarm multi-host, non necessario in locale |
|
|
| Compose syntax | YAML | HCL/Terraform | YAML standard Docker, HCL richiede apprendimento extra |
|
|
|
|
## What NOT to Use
|
|
|
|
| Avoid | Why | Use Instead |
|
|
|-------|-----|-------------|
|
|
| **Container come root** | Violazione principio minimo privilegio, rischio sicurezza critico | Dockerfile con `USER` oppure `user:` direttiva in compose |
|
|
| **Docker Compose V1** | Deprecato, non supportato, sintassi diversa | Compose V2 (`docker compose` senza trattino) |
|
|
| **Network mode "host"** | Bypassa isolamento, inutile per simulazione VPC | Bridge networks isolate |
|
|
| **Bind mount per persistenza** | Permessi file problematici tra host/container | Named volumes gestiti da Docker |
|
|
| **Ubuntu/Debian base images** | Inutilmente pesanti per semplici container | Alpine o distroless dove possibile |
|
|
| **Esposizione porte 0.0.0.0** | Espone servizi su tutte le interfacce, simula cattive pratiche | 127.0.0.1 o nessuna esposizione (solo rete interna) |
|
|
| **Limiti risorse indefinite** | Container può consumare tutto l'host, OOM kill incrociati | Sempre impostare `cpus` e `mem_limit` |
|
|
|
|
## Stack Patterns by Variant
|
|
|
|
**Seleziona variante database:**
|
|
|
|
**Se focus su MySQL/RDS MySQL:**
|
|
- Usa mysql:9.x image
|
|
- Variabili: `MYSQL_ROOT_PASSWORD`, `MYSQL_DATABASE`
|
|
- Because: Allievi che lavorano con MySQL in produzione
|
|
|
|
**Se focus su PostgreSQL/RDS/Aurora:**
|
|
- Usa postgres:18-alpine image
|
|
- Variabili: `POSTGRES_PASSWORD`, `POSTGRES_DB`
|
|
- Because: PostgreSQL più standard in cloud moderni
|
|
|
|
**Seleziona modalità esecuzione Docker:**
|
|
|
|
**Se lab su macchina personale:**
|
|
- Usa Docker rootless (installazione utente senza sudo)
|
|
- Because: Sicurezza migliore, simula environment cloud managed
|
|
|
|
**Se lab su VM fornita da scuola:**
|
|
- Docker standard (daemon service) accettabile
|
|
- Because: VM dedicata per singolo studente, isolation già garantito
|
|
|
|
## Version Compatibility
|
|
|
|
| Package A | Compatible With | Notes |
|
|
|-----------|-----------------|-------|
|
|
| Docker Engine 28.x | Compose V2 2.30+ | Compose V2 integrato in Engine CLI |
|
|
| Docker Engine 28.x | MinIO RELEASE.2025+ | Nessuna dipendenza diretta |
|
|
| Docker Engine 28.x | PostgreSQL 18.x | Funziona con qualsiasi DB che supporta container |
|
|
| PostgreSQL 18.x | pg_isready | Incluso in client package, sempre compatibile |
|
|
| MinIO RELEASE.2025+ | AWS S3 SDK v2/v3 | Compatibilità API 100% verificata |
|
|
|
|
## Sources
|
|
|
|
- **Docker Engine v28 Release Notes** — https://docs.docker.com/engine/release-notes/28.0/ (HIGH confidence, verified 2025-05-30)
|
|
- **Docker Compose Documentation** — https://docs.docker.com/compose/ (HIGH confidence, official docs)
|
|
- **Docker Bridge Networks** — https://docs.docker.com/network/bridge/ (HIGH confidence, official docs)
|
|
- **MinIO Linux Documentation** — https://min.io/docs/minio/linux/index.html (HIGH confidence, version RELEASE.2025-05-24T17-08-30Z verified)
|
|
- **PostgreSQL Documentation** — https://www.postgresql.org/docs/ (HIGH confidence, version 18 confirmed current)
|
|
- **Docker Rootless Mode** — https://docs.docker.com/engine/security/rootless/ (HIGH confidence, security best practice)
|
|
- **Compose Build Specification** — https://docs.docker.com/compose/file-spec/build/ (HIGH confidence, V2 syntax verified)
|
|
|
|
---
|
|
*Stack research for: Cloud Training Laboratories (Laboratori Cloud)*
|
|
*Researched: 2026-03-24*
|