Merge pull request #248 from fablabbcn/chore/docker-compose-upgrade

Docker compose upgrade

.gitignore

@@ -51,3 +51,6 @@ storage
 deploy_history.txt
 scripts/certs
 scripts/emqt
+.tool-versions
+
+compose.override.yml

README.md

@@ -33,13 +33,16 @@ We recommend using `rbenv`.
 
    `cp env.example .env`
 
-2. Start basic services (recommended)
+2. Copy the local development docker overrides:
+   `cp compose.override.local.yml compose.override.yml`
+
+3. Start basic services (recommended)
 
    In a new terminal window do:
 
-   `docker-compose up app db`
+   `docker compose up app db`
 
-   See the `docker-compose.yml` file `depends_on:` section to see which containers depend on which.
+   See the `compose.yml` file `depends_on:` section to see which containers depend on which.
 
    Available containers:
    * `app` - Rails app
@@ -54,25 +57,25 @@ We recommend using `rbenv`.
 
    Start ALL of them (not recommended) with:
 
-   `docker-compose up`
+   `docker compose up`
 
-3. (OPTIONAL) Start Cassandra cluster of 3 nodes
+4. (OPTIONAL) Start Cassandra cluster of 3 nodes
 
    If you want to start Kairos with 3 Cassandra cluster with 3 nodes:
 
-   * Uncomment the other 2 cassandras in `docker-compose.yml` file
+   * Uncomment the other 2 cassandras in `compose.yml` file
 
    * Edit the file `scripts/conf/kairosdb.properties` and change the following line:
 
      `kairosdb.datastore.cassandra.cql_host_list=cassandra-1`
 
-     `docker-compose up kairos cassandra-1 cassandra-2 cassandra-3`
+     `docker compose up kairos cassandra-1 cassandra-2 cassandra-3`
 
-4. Create the database (first time only)
+5. Create the database (first time only)
 
    If you need to perfom many operations, it might be better to `bash` into the container:
 
-   `docker-compose exec app bash`
+   `docker compose exec app bash`
 
    and from here you can do
 
@@ -82,22 +85,38 @@ We recommend using `rbenv`.
 
    `bin/rails db:seed`
 
-    Or you can run them all at once with: `docker-compose exec app bin/rails db:setup`
+    Or you can run them all at once with: `docker compose exec app bin/rails db:setup`
 
-5. Removing everything
+6. Removing everything
 
    Remove all containers + data volumes with:
 
-   `docker-compose down -v`
+   `docker compose down -v`
+
+## Running the tests on a local docker container:
+
+_(I'm not 100% clear why step (3) is needed, but for some reason the DATABASE_URL overrides the test database details in database.yml which causes problems)_
+
+1. Make sure you're running the app and db containers as above:
+   `docker compose up app db`
+
+2. In another terminal, get a shell within the app container:
+   `docker compose exec app bash`
+
+3. Within that shell, unset the DATABASE_URL environment variable:
+   `unset DATABASE_URL`
+
+4. Finally, run the tests (within that shell)!
+   `bundle exec bin/rake spec`
 
 ## Deploying
 
 ### Using Docker
 
 1. SSH into the server
 1. `git pull`
-1. `docker-compose build`
-1. `docker-compose up -d`
+1. `docker compose build`
+1. `docker compose up -d`
 
 ## Cassandra
 

compose.override.local.yml

@@ -0,0 +1,15 @@
+services:
+  auth:
+    restart: "no"
+  app:
+    build:
+      args: !reset []
+    restart: "no"
+  sidekiq:
+    restart: "no"
+  mqtt-task:
+    restart: "no"
+  telnet-task:
+    restart: "no"
+  push:
+    restart: "no"

compose.yml

@@ -0,0 +1,13 @@
+include:
+  - compose/db.yml
+  - compose/redis.yml
+  - compose/auth.yml
+  - compose/app.yml
+  - compose/sidekiq.yml
+  - compose/mqtt-task.yml
+  - compose/telnet-task.yml
+  - compose/mqtt.yml
+  - compose/web.yml
+  - compose/push.yml
+  - compose/kairos.yml
+  - compose/cassandra.yml

compose/app.yml

@@ -0,0 +1,37 @@
+services:
+  app:
+    build:
+      context: ../.
+      # Skip installing development & test gems in production, saves 20s build time.
+      # If developing with Docker, this line might need to be commented out.
+      args:
+        - BUNDLE_WITHOUT=test development
+    env_file: ../.env
+    ports:
+      - "3000:3000"
+    depends_on:
+      # We disable some containers in production
+      - db
+      - auth
+      - redis
+      - sidekiq
+      - mqtt-task
+      - telnet-task
+      - push
+      #- mqtt
+    restart: always
+    deploy:
+      resources:
+        limits:
+          memory: 2gb
+    volumes:
+      - "../:/app"
+    #command: rails server -p 3000 -b '0.0.0.0'
+    #command: bash -c "rm -f tmp/pids/server.pid && bundle exec rails s -p 3000 -b '0.0.0.0'"
+    environment:
+      # For this to take effect, remove init/timeout, and in Gemfile, fix "rack-timeout" to not require anything.
+      RACK_TIMEOUT_SERVICE_TIMEOUT: 25
+    logging:
+      driver: "json-file"
+      options:
+        max-size: "100m"

compose/auth.yml

@@ -0,0 +1,7 @@
+services:
+    auth:
+      env_file: ../.env
+      image: smartcitizen/auth
+      ports:
+        - "3001:3000"
+      restart: always

compose/cassandra.yml

@@ -0,0 +1,40 @@
+services:
+  # Check if cassandra cluster is working:
+  # docker compose exec cassandra-1 nodetool status
+  cassandra-1:
+      image: cassandra:3.11.4
+      healthcheck:
+        test: ["CMD-SHELL", "[ $$(nodetool statusgossip) = running ]"]
+        interval: 30s
+        start_period: 30s
+        timeout: 10s
+        retries: 5
+      ports:
+        # no need to expose all ports?
+        - "7000:7000" # Internode, cluster communication
+        - "7001:7001" # TLS Internode
+        - "7199:7199" # JMX
+        - "9042:9042" # CQL native transport
+        - "9160:9160" # Thrift client API
+      #volumes:
+        #- ../sck-cassandra:/var/lib/cassandra
+
+#  cassandra-2:
+#    image: cassandra:3.11.4
+#    ports:
+#      - 9142:9042
+#    environment:
+#      - CASSANDRA_SEEDS=cassandra-1 # Use IP if on different servers
+#    depends_on:
+#      - cassandra-1
+#    command: bash -c 'if [ -z "$$(ls -A /var/lib/cassandra/)" ] ; then sleep 60; fi && /docker-entrypoint.sh cassandra -f'
+#
+#  cassandra-3:
+#    image: cassandra:3.11.4
+#    ports:
+#      - 9242:9042
+#    environment:
+#      - CASSANDRA_SEEDS=cassandra-1 # Use IP if on different servers
+#    depends_on:
+#      - cassandra-1
+#    command: bash -c 'if [ -z "$$(ls -A /var/lib/cassandra/)" ] ; then sleep 120; fi && /docker-entrypoint.sh cassandra -f'

compose/db.yml

@@ -0,0 +1,11 @@
+services:
+   db:
+    image: postgres:10
+    volumes:
+      - sck-postgres:/var/lib/postgresql/data
+   #environment:
+      # NOTE: Postgres 9.5 stopped allowing connections without passwords.
+      # Enable this if needed.
+     #- POSTGRES_HOST_AUTH_METHOD=trust
+volumes:
+  sck-postgres:

compose/kairos.yml

@@ -0,0 +1,23 @@
+services:
+  # There is no official docker image for Kairos 2017-12-18
+  #  kairos:
+  #    image: kairos
+  kairos:
+    env_file: ../.env
+    build:
+      context: ../scripts/
+      dockerfile: Dockerfile-kairos
+    depends_on:
+      cassandra-1:
+        condition: service_healthy
+    deploy:
+      restart_policy:
+        condition: on-failure
+        max_attempts: 3
+        window: 120s
+    ports:
+      - 8080:8080
+      - 4242:4242 #telnet
+    # We better not start Cassandra container in production, it eats up memory
+    #depends_on:
+      #- cassandra-1

compose/mqtt-task.yml

@@ -0,0 +1,12 @@
+services:
+  mqtt-task:
+    build: ../
+    env_file: ../.env
+    command: bundle exec rake mqtt:sub
+    restart: always
+    volumes:
+      - "../log:/app/log"
+    logging:
+      driver: "json-file"
+      options:
+        max-size: "100m"

compose/mqtt.yml

@@ -0,0 +1,41 @@
+services:
+  mqtt:
+    # NOTE: This cannot be fully dockerized in production yet because MQTT also needs port 80
+    # The MQTT server hax iptables rules that 80 -> 1883 and 443 -> 8883
+    # This was done in the past to allow kits to post mqtt over 80 to prevent firewall issues.
+    #
+    #image: emqx/emqx:v2.4.7 # This is currently on mqtt server #2020-05-05
+    image: emqx/emqx:v3.0.0 # last known working version on docker
+    ports:
+      - "1883:1883"   # mqtt tcp
+      #- "8080:8080"   # http:management - can clash with Kairos
+      - "8083:8083"   # HTTP and WebSocket
+      - "8084:8084"   # HTTPS and WSS
+      - "8883:8883"   # MQTT SSL listener port
+      - "18083:18083" # Web dashboard: admin:public
+      - "18084:18084" # Web dashboard TLS
+      #- "11883:11883"
+    environment:
+      # Enable HTTPS for Dashboard:
+      EMQX_DASHBOARD__LISTENER__HTTPS__KEYFILE: "/opt/emqx/etc/certs/mydomain.key"
+      EMQX_DASHBOARD__LISTENER__HTTPS__CERTFILE: "/opt/emqx/etc/certs/final.crt"
+      EMQX_DASHBOARD__LISTENER__HTTPS__CACERTFILE: "/opt/emqx/etc/certs/STAR_smartcitizen_me.ca-bundle"
+      EMQX_DASHBOARD__LISTENER__HTTPS: 18084
+      EMQX_DASHBOARD__LISTENER__HTTPS__ACCEPTORS: 2
+      EMQX_DASHBOARD__LISTENER__HTTPS__MAX_CLIENTS: 512
+
+      EMQX_LISTENER__WSS__EXTERNAL__KEYFILE: "/opt/emqx/etc/certs/mydomain.key"
+      EMQX_LISTENER__WSS__EXTERNAL__CERTFILE: "/opt/emqx/etc/certs/final.crt"
+      EMQX_LISTENER__WSS__EXTERNAL__CACERTFILE: "/opt/emqx/etc/certs/STAR_smartcitizen_me.ca-bundle"
+
+      EMQX_LISTENER__SSL__EXTERNAL__KEYFILE: "/opt/emqx/etc/certs/mydomain.key"
+      EMQX_LISTENER__SSL__EXTERNAL__CERTFILE: "/opt/emqx/etc/certs/final.crt"
+      EMQX_LISTENER__SSL__EXTERNAL__CACERTFILE: "/opt/emqx/etc/certs/STAR_smartcitizen_me.ca-bundle"
+      EMQX_LISTENER__SSL__EXTERNAL: 8883
+      #EMQX_LISTENER__SSL__EXTERNAL__REUSEADDR: "true"
+    volumes:
+      # emqx.conf can be overwritten with ENV vars, so next line is not needed. Rather use ENV above
+      #- "./scripts/emqx-config/emqx.conf:/opt/emqx/etc/emqx.conf"
+      # However, acl.conf is not supported (yet), see: https://github.com/emqx/emqx-docker/issues/86
+      #- "./scripts/emqx-config/acl.conf:/opt/emqx/etc/acl.conf"
+      - "../scripts/certs/:/opt/emqx/etc/certs/"

compose/push.yml

@@ -0,0 +1,10 @@
+services:
+  # Websockets
+  push:
+    image: smartcitizen/push
+    environment:
+      - REDIS_URL=redis://redis:6379/4
+        # TODO: needs SSL on ws.smartcitizen.me
+    restart: always
+    ports:
+      - 8000:8000

compose/redis.yml

@@ -0,0 +1,3 @@
+services:
+  redis:
+    image: redis:5

compose/sidekiq.yml

@@ -0,0 +1,8 @@
+services:
+  sidekiq:
+    build: ../.
+    env_file: ../.env
+    command: bundle exec sidekiq
+    restart: always
+    volumes:
+      - "../log:/app/log"

compose/telnet-task.yml

@@ -0,0 +1,6 @@
+services:
+  telnet-task:
+    build: ../.
+    env_file: ../.env
+    command: bundle exec rake telnet:push
+    restart: always

compose/web.yml

@@ -0,0 +1,12 @@
+services:
+  web:
+    image: nginx
+    depends_on:
+      - app
+    ports:
+      - 80:80
+      - 80:80/udp
+      #- 443:443
+    volumes:
+      - ../scripts/nginx-conf/api.smartcitizen.me.conf:/etc/nginx/conf.d/api.smartcitizen.me.conf
+      - ../scripts/nginx.conf:/etc/nginx/nginx.conf