You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Jetty is a pure Java-based HTTP (Web) server and Java Servlet container. While Web Servers are usually associated with serving documents to people, Jetty is now often used for machine to machine communications, usually within larger software frameworks. Jetty is developed as a free and open source project as part of the Eclipse Foundation. The web server is used in products such as Apache ActiveMQ, Alfresco, Apache Geronimo, Apache Maven, Apache Spark, Google App Engine, Eclipse, FUSE, Twitter's Streaming API and Zimbra. Jetty is also the server in open source projects such as Lift, Eucalyptus, Red5, Hadoop and I2P. Jetty supports the latest Java Servlet API (with JSP support) as well as protocols SPDY and WebSocket.
To run the default Jetty server in the background, use the following command:
$ docker run -d jetty
You can test it by visiting http://container-ip:8080 or https://container-ip:8443/ in a browser. To expose your Jetty server to outside requests, use a port mapping as follows:
$ docker run -d -p 80:8080 -p 443:8443 jetty
This will map port 8080 inside the container as port 80 on the host and container port 8443 as host port 443. You can then go to http://host-ip or https://host-ip in a browser.
Webapps can be deployed under /var/lib/jetty/webapps in the usual ways (WAR file, exploded WAR directory, or context XML file). To deploy your application to the / context, use the name ROOT.war, the directory name ROOT, or the context file ROOT.xml (case insensitive).
For older EOL'd images based on Jetty 7 or Jetty 8, please follow the legacy instructions on the Eclipse Wiki and deploy under /usr/local/jetty/webapps instead of /var/lib/jetty/webapps.
Configuration
The configuration of the Jetty server can be reported by running with the --list-config option:
$ docker run -d jetty --list-config
Configuration such as parameters and additional modules may also be passed in via the command line. For example:
$ docker run -d jetty --module=jmx jetty.threadPool.maxThreads=500
To update the server configuration in a derived Docker image, the Dockerfile may enable additional modules with RUN commands like:
FROM jetty
RUN java -jar "$JETTY_HOME/start.jar" --add-to-startd=jmx,stats
Modules may be configured in a Dockerfile by editing the properties in the corresponding /var/lib/jetty/start.d/*.ini file or the module can be deactivated by removing that file.
JVM Configuration
JVM options can be set by passing the JAVA_OPTIONS environment variable to the container. For example, to set the maximum heap size to 1 gigabyte, you can run the container as follows:
$ docker run -e JAVA_OPTIONS="-Xmx1g" -d jetty
Read-only container
To run jetty as a read-only container, have Docker create the /tmp/jetty and /run/jetty directories as volumes:
$ docker run -d --read-only -v /tmp/jetty -v /run/jetty jetty
Since the container is read-only, you'll need to either mount in your webapps directory with -v /path/to/my/webapps:/var/lib/jetty/webapps or by populating /var/lib/jetty/webapps in a derived image.
HTTP/2 Support
Starting with version 9.3, Jetty comes with built-in support for HTTP/2. However, due to potential license compatiblity issues with the ALPN library used to implement HTTP/2, the module is not enabled by default. In order to enable HTTP/2 support in a derived Dockerfile for private use, you can add a RUN command that enables the http2 module and approve its license as follows:
FROM jetty
RUN java -jar $JETTY_HOME/start.jar --add-to-startd=http2 --approve-all-licenses
This will add an http2.ini file to the $JETTY_BASE/start.d directory and download the required ALPN libraries into $JETTY_BASE/lib/alpn, allowing the use of HTTP/2. HTTP/2 connections should be made via the same port as normal HTTPS connections (container port 8443). If you would like to enable the http2 module via $JETTY_BASE/start.ini instead, substitute --add-to-start in place of --add-to-startd in the RUN command above.
Security
By default, this image starts as user root and uses Jetty's setuid module to drop privileges to user jetty after initialization. The JETTY_BASE directory at /var/lib/jetty is owned by jetty:jetty (uid 999, gid 999).
If you would like the image to start immediately as user jetty instead of starting as root, you can start the container with -u jetty:
$ docker run -d -u jetty jetty
Image Variants
The jetty images come in many flavors, each designed for a specific use case.
jetty:<version>
This is the defacto image. If you are unsure about what your needs are, you probably want to use this one. It is designed to be used both as a throw away container (mount your source code and start the container to start your app), as well as the base to build other images off of.
jetty:<version>-alpine
This image is based on the popular Alpine Linux project, available in the alpine official image. Alpine Linux is much smaller than most distribution base images (~5MB), and thus leads to much slimmer images in general.
This variant is useful when final image size being as small as possible is your primary concern. The main caveat to note is that it does use musl libc instead of glibc and friends, so software will often run into issues depending on the depth of their libc requirements/assumptions. See this Hacker News comment thread for more discussion of the issues that might arise and some pro/con comparisons of using Alpine-based images.
To minimize image size, it's uncommon for additional related tools (such as git or bash) to be included in Alpine-based images. Using this image as a base, add the things you need in your own Dockerfile (see the alpine image description for examples of how to install packages if you are unfamiliar).
As with all Docker images, these likely also contain other software which may be under other licenses (such as Bash, etc from the base distribution, along with any direct or indirect dependencies of the primary software being contained).
As for any pre-built image usage, it is the image user's responsibility to ensure that any use of this image complies with any relevant licenses for all software contained within.
Logo © Eclipse Foundation