Nearly all web projects are moved to #Docker containers now. The old infrastructure was mostly based on CentOS6/7 and the main reason for this step was the annoyance of legacy #PHP projects and their PHP version requirement conflicts. I don't need a cluster or swarm, so I have a single instance with #CentOS based #Project Atomic only. The dockerized projects include:
static pages with nginx
#TYPO3 7.6
#Drupal 8.2
#Piwik 2.17
#Revive Adserver 4.x
#OXID eShop 4.[9|10]
...

Here are some completely subjective "best practices":

• I was a bit disappointed about most available images in Docker's Hub. But make use of the official mariadb, php, drupal, nginx images!
  
• Use your Dockerfile and no massive entrypoint scripts.
  
• Don't try to build a base images for all your projects, the projects have all too different requirements. Found it much easier to build custom images from the official PHP images directly with only what was really needed for the projects.
  
• Think about mail delivery requirements. Does your application requires mail(), or can you configure a SMTP server. Use sSMTP if you need a local MTA.
  
• Get your persistent volumes right and use the correct #SELinux labels.
  
• A local repository makes deployment much easier.
  
• Use #Jenkins to build and deploy new images.
  
• Don't use --link, use Docker networks instead!
  
• jwilder/nginx-proxy still has some bugs, especially with custom nginx configurations, but a wonderful tool.
  
• jrcs/letsencrypt-nginx-proxy-companion and it was never easier to get certificates.
  
• Think about reboots. How you want your containers to be managed? Services for systemctl work quite well so far.
  
• Redirect your application logs to the right output. Log management I should take a look at again.
  

Should also get my private projects into containers next.

Given your #CI generates #Docker images from your Git commits and tags them with something like web01-qa:$BUILD_NUMBER. Right now I can not set a name for the container that gets spun up after every commit, so I needed a solution to tear down the old containers after successful start of a new container based on the image they were created from. This is what I came up with:

docker ps --format "{{.ID}}\t{{.Image}}" | awk -F ':' '/web01-qa/{print $NF, $0}' | sort -r -n | tail -n+2 | awk '/web01-qa/{system("docker stop " $2)}'
Get all running containers, sort them by $BUILD_NUMBER for the image name containing web01-qa, stop all matching containers except the one from the newest image.

Or use docker rm -f if not interested in the old containers anymore.

#^opscode/chef-summit-2014

chef-summit-2014 - Wiki for the Chef Community Summit - 2014
Docker, Chef, & Immutable Infrastructure

#Docker #Chef #CM