CONTAINER DEPLOYMENT
Podman/Docker Container Deployment
Run CPU Agents in isolated container environments using Podman or Docker for reproducible deployments, easy scaling, and simplified dependency management.
Why Use Containers?
Isolation
Run agents in isolated environments without affecting host system
Reproducibility
Consistent deployments across dev, staging, and production
Portability
Deploy anywhere: Windows, Linux, macOS, cloud, or on-premises
Easy Scaling
Spin up multiple agent instances with simple commands
Prerequisites
Podman 4.0+ or Docker 20.10+
Install Podman: podman.io | Install Docker: docker.com
Git (for cloning repository)
Version control to clone the CPU Agents repository
Azure DevOps Organization & Project
Active Azure DevOps project with API access enabled
Dockerfile
Create a Dockerfile in the project root:
FROM mcr.microsoft.com/dotnet/aspnet:8.0 AS base
WORKDIR /app
FROM mcr.microsoft.com/dotnet/sdk:8.0 AS build
WORKDIR /src
COPY ["Phase3.AzureDevOps.csproj", "./"]
RUN dotnet restore
COPY . .
RUN dotnet build -c Release -o /app/build
FROM build AS publish
RUN dotnet publish -c Release -o /app/publish
FROM base AS final
WORKDIR /app
COPY --from=publish /app/publish .
ENTRYPOINT ["dotnet", "Phase3.AzureDevOps.dll"]Build & Run with Podman
1
Clone Repository
git clone https://github.com/Lev0n82/CPU-Agents-for-SDLC.git
cd CPU-Agents-for-SDLC/src/Phase3.AzureDevOps2
Create Configuration File
Create appsettings.json:
{
"AzureDevOps": {
"OrganizationUrl": "https://dev.azure.com/your-org",
"ProjectName": "YourProject"
},
"Authentication": {
"Method": "PAT",
"PAT": "your-personal-access-token-here"
},
"Secrets": {
"Provider": "DPAPI",
"DPAPI": {
"StorePath": "/app/data/secrets"
}
},
"Concurrency": {
"ClaimDurationMinutes": 15,
"StaleClaimCheckIntervalMinutes": 5
},
"Logging": {
"LogLevel": {
"Default": "Information"
}
}
}3
Build Container Image
podman build -t cpu-agents-phase3:latest .For Docker, replace podman with docker
4
Run Container
podman run -d \
--name cpu-agents-phase3 \
-v ./appsettings.json:/app/appsettings.json:ro \
-v ./data:/app/data \
--restart unless-stopped \
cpu-agents-phase3:latestVolume Mounts:
appsettings.json- Configuration (read-only)./data- Persistent storage for secrets and state
Build & Run with Docker
Build Image
docker build -t cpu-agents-phase3:latest .Run Container
docker run -d \
--name cpu-agents-phase3 \
-v $(pwd)/appsettings.json:/app/appsettings.json:ro \
-v $(pwd)/data:/app/data \
--restart unless-stopped \
cpu-agents-phase3:latestUsing Docker Compose
Create docker-compose.yml:
version: '3.8'
services:
cpu-agents:
build: .
container_name: cpu-agents-phase3
volumes:
- ./appsettings.json:/app/appsettings.json:ro
- ./data:/app/data
restart: unless-stopped
logging:
driver: "json-file"
options:
max-size: "10m"
max-file: "3"Run with:
docker-compose up -dContainer Management
View Container Logs
podman logs -f cpu-agents-phase3Check Container Status
podman ps -aStop Container
podman stop cpu-agents-phase3Start Container
podman start cpu-agents-phase3Restart Container
podman restart cpu-agents-phase3Execute Commands in Container
podman exec -it cpu-agents-phase3 /bin/bashRemove Container
podman stop cpu-agents-phase3
podman rm cpu-agents-phase3Security Best Practices
Use Rootless Containers
Podman supports rootless containers by default. For Docker, enable rootless mode for enhanced security.
Mount Configuration as Read-Only
Use
:ro flag when mounting appsettings.json to prevent accidental modifications.Use Secrets Management
For production, use Docker/Podman secrets or external secrets managers instead of mounting configuration files.
Limit Container Resources
Use
--memory and --cpus flags to prevent resource exhaustion.Regular Image Updates
Rebuild images regularly to include latest security patches from base images.