BLUF (Bottom Line Up Front): Modern Docker base images (like Debian Bookworm or Ubuntu 22.04) do not support the obsolete cryptography libraries required by old Ruby versions. Attempting to build a Rails 3 or 4 application on these images will fail when compiling native extensions. To successfully dockerize a legacy Ruby on Rails app, you must pin your base image to an older OS release (e.g., Debian Stretch) to ensure compatibility with packages like libssl1.0-dev.
Phase 1: The Build Failure
When containerizing Rails 3, developers usually pick the official ruby:2.3 image. However, when bundle install attempts to compile gems like pg, nokogiri, or eventmachine, it relies on the underlying OS headers.
Synthetic Engineering Context: The OpenSSL Conflict
If you update the base OS packages during the Docker build, the installation of the pg gem fails with a compilation error.
# Terminal Output: Docker build failure
Gem::Ext::BuildError: ERROR: Failed to build gem native extension.
...
conftest.c:3:10: fatal error: openssl/ssl.h: No such file or directory
#include <openssl/ssl.h>
^~~~~~~~~~~~~~~
compilation terminated.Modern repositories replace libssl1.0 with libssl3, which is fundamentally incompatible with the C-bindings expected by Ruby 2.3 native extensions.
Phase 2: The Legacy Dockerfile
The solution is locking down the base image and fetching legacy OS dependencies from archived package repositories if necessary.
Execution: The Optimized Base Image
Here is a Dockerfile specifically engineered for an old Rails application.
# Use a frozen, older Debian release (Stretch) that still supports libssl1.0
FROM ruby:2.3.8-slim-stretch
# Set noninteractive installation to avoid hanging builds
ENV DEBIAN_FRONTEND=noninteractive
# Install legacy OS dependencies
RUN apt-get update -qq && apt-get install -y build-essential libpq-dev nodejs libssl1.0-dev git && rm -rf /var/lib/apt/lists/*
WORKDIR /app
# Copy dependency files first to cache the bundle layer
COPY Gemfile Gemfile.lock ./
# Some old gems require specific bundler versions
RUN gem install bundler -v 1.17.3
RUN bundle _1.17.3_ install --jobs 4 --retry 3
COPY . .
# Expose port and boot
EXPOSE 3000
CMD ["bundle", "exec", "rails", "server", "-b", "0.0.0.0"]Phase 3: Next Steps & Risk Mitigation
Running containers based on Debian Stretch or Ubuntu 14.04 introduces severe security vulnerabilities at the OS level. This Dockerization is strictly a containment strategy to stabilize the app locally and on isolated internal staging servers. It buys you time, but you must upgrade the Ruby version immediately after containerizing.
Need Help Stabilizing Your Legacy App? We build secure, reproducible container environments for obsolete applications. Our team at USEO can containerize your legacy monolith and guide you through the upgrade path safely.