We have template Python projects so that the start of any Python development has a big head start
- Virtual environment build (venv)
- Test framework install with sample test
- Library install
- Linter (flake8)
- build and test from a simple command line
- Container build
- Container push to the container repository
Because we are using niche technology I have had to write my own equivalent of Redgate SQLDoc, SQL Source Control and a deployment pipeline. In the production environment the containers to execute that functionality spin up when required, do their job, terminate and evaporate. Because everything is self-contained there is no danger of the libraries from one app clashing with the libraries of another app.
My colleagues have experimented with minimising the container size so we use Linux Alpine as a base container. The trade off is that an app with many dependencies may take some development effort to get working due to the minimal install of the initial container but once it's done it's done.
Docker images can be very fast to spin up and very fast to execute what they do. They reward those who write tight, efficient code and protect systems from those who don't.
We do run databases in containers for our local development though not in production. It used to be the case that Docker containers should be regarded as stateless but this is no longer the case.
The container approach also means that I can have more of the software stack running on my workstation. This means that not only do I have great freedom to play around I can do so without impacting other people. I can learn with bravery. It also means that I am not reliant on any form of network connection to do my work.
What comes after containers? Unikernels. These are apps with their own OS but only the OS needed to do what the apps are intended to do. If your app doesn't need a display, printer, keyboard or mouse then it won't have the OS mechanisms or drivers for those things. The pay off is that a unikernal app can be tiny as in single digit Kb. This means they are blazingly fast to boot up. They carry out their tasks and shut down. Not only do they have less to hack they don't exist long enough to be hacked.
If you want to learn about Docker and Kubernetes I can recommend Nigel Poulton's courses on Pluralsight and his books.