There is a tutorial for using it. It's linked to after you install it for the first time, and is available here[1]. It goes through a few common tasks, though by no means is a "kitchen sink" tutorial.
In regards to your specific questions:
- I've answered this elsewhere, but your uptime is defined by your host uptime (and any mechanisms for backup/restore you have setup). Some hosting providers (AWS/GCP) provide migration of hosts that die, some have block storage (Azure/AWS/DO/GCP), while others (Rackspace) provide backups of specific directories. As with anything you run and maintain, very heavy YMMV here, but I'm happy to answer questions[2] specific to your needs.
- Dokku runs very few/no persistent binaries (atm only an optional event-listener that restarts apps if it detects a web container has changed it's IP address), so the attack vectors are your app and anything else you are running that exposes ports externally (SSH is the big one). I defer to others on container security, but our default Herokuish (and Pack) images are built to run processes as non-root users, so that should provide _some_ level of isolation. Container security is a big space, so I don't want to write something here that will be outdated in three seconds or is just plain wrong. If you have concerns about specific things in the project, please get in touch[2].
- I've used metadataproxy[3] to lock down IAM roles on a per-app basis (with a custom plugin injecting the correct container env var for each app). If you need to lock apps to specific users, there is the community dokku-acl[4] plugin. I'm also working on team management support in Dokku Pro[5] which will be a bit more familiar to users of Heroku.
- I know of a few users using our kubernetes plugin[6] (automated via terraform) against mostly default Kubernetes clusters in Digitalocean and AWS. If the Dokku host dies, they just lose the ability to deploy, but can restore access fairly quickly. Everything else just kinda lives out there on their cluster.
Feel free to reach out[1] and I'll try and answer any specific concerns :)
- [1] Official tutorial: https://dokku.com/docs/deployment/application-deployment/
- [2] Ways to get in touch: https://dokku.com/docs/getting-started/where-to-get-help/
- [3] metadataproxy: https://github.com/lyft/metadataproxy
- [4] dokku-acl: https://github.com/dokku-community/dokku-acl
- [5] Dokku Pro: https://pro.dokku.com/
- [6] Kubernetes Scheduler plugin: https://github.com/dokku/dokku-scheduler-kubernetes
There is a tutorial for using it. It's linked to after you install it for the first time, and is available here[1]. It goes through a few common tasks, though by no means is a "kitchen sink" tutorial.
In regards to your specific questions:
Feel free to reach out[1] and I'll try and answer any specific concerns :)