From 53af84bf48804b5f5c5050782699e0d8a3598e4d Mon Sep 17 00:00:00 2001 From: oscgonfer Date: Fri, 20 Oct 2023 18:30:43 +0200 Subject: [PATCH 1/6] Docker compose proposal for managing resources --- docker-compose.yml | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/docker-compose.yml b/docker-compose.yml index cbf5b1dd..2b57ea19 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,5 +1,3 @@ -version: '3.3' - services: db: image: postgres:10 @@ -41,6 +39,10 @@ services: - push #- mqtt restart: always + deploy: + resources: + limits: + memory: 2gb volumes: - "./:/app" #command: rails server -p 3000 -b '0.0.0.0' @@ -150,6 +152,11 @@ services: build: context: ./scripts/ dockerfile: Dockerfile-kairos + deploy: + restart_policy: + condition: on-failure + max_attempts: 3 + window: 120s ports: - 8080:8080 - 4242:4242 #telnet From dc80e0039595c7f755d65058f910fe16f6ef242c Mon Sep 17 00:00:00 2001 From: Tim Cowlishaw Date: Sun, 19 Nov 2023 14:43:50 +0100 Subject: [PATCH 2/6] fix syntax error in docker-compose.yml, rename to compose.yml --- docker-compose.yml => compose.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) rename docker-compose.yml => compose.yml (97%) diff --git a/docker-compose.yml b/compose.yml similarity index 97% rename from docker-compose.yml rename to compose.yml index 2b57ea19..45ccdd8e 100644 --- a/docker-compose.yml +++ b/compose.yml @@ -39,10 +39,10 @@ services: - push #- mqtt restart: always - deploy: - resources: - limits: - memory: 2gb + deploy: + resources: + limits: + memory: 2gb volumes: - "./:/app" #command: rails server -p 3000 -b '0.0.0.0' @@ -165,7 +165,7 @@ services: #- cassandra-1 # Check if cassandra cluster is working: -# docker-compose exec cassandra-1 nodetool status +# docker compose exec cassandra-1 nodetool status cassandra-1: image: cassandra:3.11.4 ports: From 504b1f50752bb366d6120781b86e7c0ddc59146e Mon Sep 17 00:00:00 2001 From: Tim Cowlishaw Date: Sun, 19 Nov 2023 14:44:36 +0100 Subject: [PATCH 3/6] add local overrides for docker compose --- .gitignore | 3 +++ compose.override.local.yml | 15 +++++++++++++++ 2 files changed, 18 insertions(+) create mode 100644 compose.override.local.yml diff --git a/.gitignore b/.gitignore index beca8271..eacb8610 100644 --- a/.gitignore +++ b/.gitignore @@ -51,3 +51,6 @@ storage deploy_history.txt scripts/certs scripts/emqt +.tool-versions + +compose.override.yml diff --git a/compose.override.local.yml b/compose.override.local.yml new file mode 100644 index 00000000..6122d346 --- /dev/null +++ b/compose.override.local.yml @@ -0,0 +1,15 @@ +services: + auth: + restart: "no" + app: + build: + args: !reset [] + restart: "no" + sidekiq: + restart: "no" + mqtt-task: + restart: "no" + telnet-task: + restart: "no" + push: + restart: "no" From eb2ff09972ca654b30c654c04338905cb1f599dd Mon Sep 17 00:00:00 2001 From: Tim Cowlishaw Date: Sun, 19 Nov 2023 14:45:23 +0100 Subject: [PATCH 4/6] consistently use `docker compose` instead of `docker-compose` everywhere --- README.md | 47 +++++++++++++++++++++++++----------- docs/mqtt.md | 6 ++--- scripts/deploy.sh | 8 +++--- scripts/docker_backup_db.sh | 2 +- scripts/docker_restore_db.sh | 2 +- 5 files changed, 42 insertions(+), 23 deletions(-) diff --git a/README.md b/README.md index f6357743..fdcd132c 100644 --- a/README.md +++ b/README.md @@ -33,13 +33,16 @@ We recommend using `rbenv`. `cp env.example .env` -2. Start basic services (recommended) +2. Copy the local development docker overrides: + `cp compose.override.local.yml compose.override.yml` + +3. Start basic services (recommended) In a new terminal window do: - `docker-compose up app db` + `docker compose up app db` - See the `docker-compose.yml` file `depends_on:` section to see which containers depend on which. + See the `compose.yml` file `depends_on:` section to see which containers depend on which. Available containers: * `app` - Rails app @@ -54,25 +57,25 @@ We recommend using `rbenv`. Start ALL of them (not recommended) with: - `docker-compose up` + `docker compose up` -3. (OPTIONAL) Start Cassandra cluster of 3 nodes +4. (OPTIONAL) Start Cassandra cluster of 3 nodes If you want to start Kairos with 3 Cassandra cluster with 3 nodes: - * Uncomment the other 2 cassandras in `docker-compose.yml` file + * Uncomment the other 2 cassandras in `compose.yml` file * Edit the file `scripts/conf/kairosdb.properties` and change the following line: `kairosdb.datastore.cassandra.cql_host_list=cassandra-1` - `docker-compose up kairos cassandra-1 cassandra-2 cassandra-3` + `docker compose up kairos cassandra-1 cassandra-2 cassandra-3` -4. Create the database (first time only) +5. Create the database (first time only) If you need to perfom many operations, it might be better to `bash` into the container: - `docker-compose exec app bash` + `docker compose exec app bash` and from here you can do @@ -82,13 +85,29 @@ We recommend using `rbenv`. `bin/rails db:seed` - Or you can run them all at once with: `docker-compose exec app bin/rails db:setup` + Or you can run them all at once with: `docker compose exec app bin/rails db:setup` -5. Removing everything +6. Removing everything Remove all containers + data volumes with: - `docker-compose down -v` + `docker compose down -v` + +## Running the tests on a local docker container: + +_(I'm not 100% clear why step (3) is needed, but for some reason the DATABASE_URL overrides the test database details in database.yml which causes problems)_ + +1. Make sure you're running the app and db containers as above: + `docker compose up app db` + +2. In another terminal, get a shell within the app container: + `docker compose exec app bash` + +3. Within that shell, unset the DATABASE_URL environment variable: + `unset DATABASE_URL` + +4. Finally, run the tests (within that shell)! + `bundle exec bin/rake spec` ## Deploying @@ -96,8 +115,8 @@ We recommend using `rbenv`. 1. SSH into the server 1. `git pull` -1. `docker-compose build` -1. `docker-compose up -d` +1. `docker compose build` +1. `docker compose up -d` ## Cassandra diff --git a/docs/mqtt.md b/docs/mqtt.md index af298c93..e5b79289 100644 --- a/docs/mqtt.md +++ b/docs/mqtt.md @@ -12,7 +12,7 @@ The new system makes use of EMQ Shared Subscription system with Load balancing. MQTT host address is held in `.env` under the `ENV["MQTT_HOST"]` variable. Although it must be provided for `'production'`, `127.0.0.1` is set by default on `'test'` and `'development'` environments if not specified. -> NOTE: It is required defining `ENV["MQTT_HOST"]` and `ENV["MQTT_CLIENT"]` for `production` as an exception will be thrown at server startup otherwise. +> NOTE: It is required defining `ENV["MQTT_HOST"]` and `ENV["MQTT_CLIENT"]` for `production` as an exception will be thrown at server startup otherwise. ## End-points @@ -57,7 +57,7 @@ Devices can also publish to the topic `device/sck/device_token:/readings/raw` wi * Messages must be published using QoS (Quality of Service) of 1. -## Development and test +## Development and test ### Working with MQTT locally (no Docker) @@ -85,7 +85,7 @@ The following will send a message from the `app` container to the `mqtt` contain 2. Access the rails console inside the `app` container: - `docker-compose exec app bin/rails console` + `docker compose exec app bin/rails console` 3. Send a message to the `test` topic: diff --git a/scripts/deploy.sh b/scripts/deploy.sh index b4f9fdef..64358441 100755 --- a/scripts/deploy.sh +++ b/scripts/deploy.sh @@ -1,13 +1,13 @@ #!/bin/sh # Always pull from master? What if staging should deploy 'dev' branch? git pull origin master; -docker-compose pull auth push; +docker compose pull auth push; # Accept containers as params. Supports starting only 'app db' f.x. -docker-compose build && docker-compose up -d $@ +docker compose build && docker compose up -d $@ # Do we want to auto migrate? # For now, we only check if migration is needed -docker-compose exec app bin/rails db:migrate:status -#docker-compose exec app bin/rails db:migrate +docker compose exec app bin/rails db:migrate:status +#docker compose exec app bin/rails db:migrate echo $(date) $(git rev-parse HEAD) >> deploy_history.txt diff --git a/scripts/docker_backup_db.sh b/scripts/docker_backup_db.sh index 931b046b..fe6ae699 100755 --- a/scripts/docker_backup_db.sh +++ b/scripts/docker_backup_db.sh @@ -5,5 +5,5 @@ if ! [[ $1 ]]; then exit fi -#docker exec -i $(docker-compose ps -q db) pg_dump -Upostgres $1 > dump_`date +%Y-%m-%d"_"%H_%M_%S`.sql +#docker exec -i $(docker compose ps -q db) pg_dump -Upostgres $1 > dump_`date +%Y-%m-%d"_"%H_%M_%S`.sql docker exec -i smartcitizen-api_db_1 pg_dump -Upostgres $1 > backup/dump_`date +%Y-%m-%d"_"%H_%M_%S`.sql diff --git a/scripts/docker_restore_db.sh b/scripts/docker_restore_db.sh index 923ce61a..bc9c1b34 100755 --- a/scripts/docker_restore_db.sh +++ b/scripts/docker_restore_db.sh @@ -5,4 +5,4 @@ if ! [[ $1 ]]; then exit fi -docker exec -i $(docker-compose ps -q db) psql -Upostgres $1 < dump_latest.sql +docker exec -i $(docker compose ps -q db) psql -Upostgres $1 < dump_latest.sql From 62f8ba52613828bd36661a531cb2a4c7abaafd53 Mon Sep 17 00:00:00 2001 From: Tim Cowlishaw Date: Mon, 20 Nov 2023 08:13:33 +0100 Subject: [PATCH 5/6] split out compose.yml by service --- compose.yml | 215 +++------------------------------------- compose/app.yml | 37 +++++++ compose/auth.yml | 7 ++ compose/cassandra.yml | 34 +++++++ compose/db.yml | 11 ++ compose/kairos.yml | 20 ++++ compose/mqtt-task.yml | 12 +++ compose/mqtt.yml | 41 ++++++++ compose/push.yml | 10 ++ compose/redis.yml | 3 + compose/sidekiq.yml | 8 ++ compose/telnet-task.yml | 6 ++ compose/web.yml | 12 +++ 13 files changed, 214 insertions(+), 202 deletions(-) create mode 100644 compose/app.yml create mode 100644 compose/auth.yml create mode 100644 compose/cassandra.yml create mode 100644 compose/db.yml create mode 100644 compose/kairos.yml create mode 100644 compose/mqtt-task.yml create mode 100644 compose/mqtt.yml create mode 100644 compose/push.yml create mode 100644 compose/redis.yml create mode 100644 compose/sidekiq.yml create mode 100644 compose/telnet-task.yml create mode 100644 compose/web.yml diff --git a/compose.yml b/compose.yml index 45ccdd8e..435c4bfd 100644 --- a/compose.yml +++ b/compose.yml @@ -1,202 +1,13 @@ -services: - db: - image: postgres:10 - volumes: - - sck-postgres:/var/lib/postgresql/data - #environment: - # NOTE: Postgres 9.5 stopped allowing connections without passwords. - # Enable this if needed. - #- POSTGRES_HOST_AUTH_METHOD=trust - - redis: - image: redis:5 - - auth: - env_file: .env - image: smartcitizen/auth - ports: - - "3001:3000" - restart: always - - app: - build: - context: . - # Skip installing development & test gems in production, saves 20s build time. - # If developing with Docker, this line might need to be commented out. - args: - - BUNDLE_WITHOUT=test development - env_file: .env - ports: - - "3000:3000" - depends_on: - # We disable some containers in production - - db - - auth - - redis - - sidekiq - - mqtt-task - - telnet-task - - push - #- mqtt - restart: always - deploy: - resources: - limits: - memory: 2gb - volumes: - - "./:/app" - #command: rails server -p 3000 -b '0.0.0.0' - #command: bash -c "rm -f tmp/pids/server.pid && bundle exec rails s -p 3000 -b '0.0.0.0'" - environment: - # For this to take effect, remove init/timeout, and in Gemfile, fix "rack-timeout" to not require anything. - RACK_TIMEOUT_SERVICE_TIMEOUT: 25 - logging: - driver: "json-file" - options: - max-size: "100m" - - sidekiq: - build: . - env_file: .env - command: bundle exec sidekiq - restart: always - volumes: - - "./log:/app/log" - - mqtt-task: - build: . - env_file: .env - command: bundle exec rake mqtt:sub - restart: always - volumes: - - "./log:/app/log" - logging: - driver: "json-file" - options: - max-size: "100m" - - telnet-task: - build: . - env_file: .env - command: bundle exec rake telnet:push - restart: always - - mqtt: - # NOTE: This cannot be fully dockerized in production yet because MQTT also needs port 80 - # The MQTT server hax iptables rules that 80 -> 1883 and 443 -> 8883 - # This was done in the past to allow kits to post mqtt over 80 to prevent firewall issues. - # - #image: emqx/emqx:v2.4.7 # This is currently on mqtt server #2020-05-05 - image: emqx/emqx:v3.0.0 # last known working version on docker - ports: - - "1883:1883" # mqtt tcp - #- "8080:8080" # http:management - can clash with Kairos - - "8083:8083" # HTTP and WebSocket - - "8084:8084" # HTTPS and WSS - - "8883:8883" # MQTT SSL listener port - - "18083:18083" # Web dashboard: admin:public - - "18084:18084" # Web dashboard TLS - #- "11883:11883" - environment: - # Enable HTTPS for Dashboard: - EMQX_DASHBOARD__LISTENER__HTTPS__KEYFILE: "/opt/emqx/etc/certs/mydomain.key" - EMQX_DASHBOARD__LISTENER__HTTPS__CERTFILE: "/opt/emqx/etc/certs/final.crt" - EMQX_DASHBOARD__LISTENER__HTTPS__CACERTFILE: "/opt/emqx/etc/certs/STAR_smartcitizen_me.ca-bundle" - EMQX_DASHBOARD__LISTENER__HTTPS: 18084 - EMQX_DASHBOARD__LISTENER__HTTPS__ACCEPTORS: 2 - EMQX_DASHBOARD__LISTENER__HTTPS__MAX_CLIENTS: 512 - - EMQX_LISTENER__WSS__EXTERNAL__KEYFILE: "/opt/emqx/etc/certs/mydomain.key" - EMQX_LISTENER__WSS__EXTERNAL__CERTFILE: "/opt/emqx/etc/certs/final.crt" - EMQX_LISTENER__WSS__EXTERNAL__CACERTFILE: "/opt/emqx/etc/certs/STAR_smartcitizen_me.ca-bundle" - - EMQX_LISTENER__SSL__EXTERNAL__KEYFILE: "/opt/emqx/etc/certs/mydomain.key" - EMQX_LISTENER__SSL__EXTERNAL__CERTFILE: "/opt/emqx/etc/certs/final.crt" - EMQX_LISTENER__SSL__EXTERNAL__CACERTFILE: "/opt/emqx/etc/certs/STAR_smartcitizen_me.ca-bundle" - EMQX_LISTENER__SSL__EXTERNAL: 8883 - #EMQX_LISTENER__SSL__EXTERNAL__REUSEADDR: "true" - volumes: - # emqx.conf can be overwritten with ENV vars, so next line is not needed. Rather use ENV above - #- "./scripts/emqx-config/emqx.conf:/opt/emqx/etc/emqx.conf" - # However, acl.conf is not supported (yet), see: https://github.com/emqx/emqx-docker/issues/86 - #- "./scripts/emqx-config/acl.conf:/opt/emqx/etc/acl.conf" - - "./scripts/certs/:/opt/emqx/etc/certs/" - - web: - image: nginx - depends_on: - - app - ports: - - 80:80 - - 80:80/udp - #- 443:443 - volumes: - - ./scripts/nginx-conf/api.smartcitizen.me.conf:/etc/nginx/conf.d/api.smartcitizen.me.conf - - ./scripts/nginx.conf:/etc/nginx/nginx.conf - - # Websockets - push: - image: smartcitizen/push - environment: - - REDIS_URL=redis://redis:6379/4 - # TODO: needs SSL on ws.smartcitizen.me - restart: always - ports: - - 8000:8000 - -# There is no official docker image for Kairos 2017-12-18 -# kairos: -# image: kairos - kairos: - env_file: .env - build: - context: ./scripts/ - dockerfile: Dockerfile-kairos - deploy: - restart_policy: - condition: on-failure - max_attempts: 3 - window: 120s - ports: - - 8080:8080 - - 4242:4242 #telnet - # We better not start Cassandra container in production, it eats up memory - #depends_on: - #- cassandra-1 - -# Check if cassandra cluster is working: -# docker compose exec cassandra-1 nodetool status - cassandra-1: - image: cassandra:3.11.4 - ports: - # no need to expose all ports? - - "7000:7000" # Internode, cluster communication - - "7001:7001" # TLS Internode - - "7199:7199" # JMX - - "9042:9042" # CQL native transport - - "9160:9160" # Thrift client API - #volumes: - #- sck-cassandra:/var/lib/cassandra - -# cassandra-2: -# image: cassandra:3.11.4 -# ports: -# - 9142:9042 -# environment: -# - CASSANDRA_SEEDS=cassandra-1 # Use IP if on different servers -# depends_on: -# - cassandra-1 -# command: bash -c 'if [ -z "$$(ls -A /var/lib/cassandra/)" ] ; then sleep 60; fi && /docker-entrypoint.sh cassandra -f' -# -# cassandra-3: -# image: cassandra:3.11.4 -# ports: -# - 9242:9042 -# environment: -# - CASSANDRA_SEEDS=cassandra-1 # Use IP if on different servers -# depends_on: -# - cassandra-1 -# command: bash -c 'if [ -z "$$(ls -A /var/lib/cassandra/)" ] ; then sleep 120; fi && /docker-entrypoint.sh cassandra -f' - -volumes: - sck-postgres: +include: + - compose/db.yml + - compose/redis.yml + - compose/auth.yml + - compose/app.yml + - compose/sidekiq.yml + - compose/mqtt-task.yml + - compose/telnet-task.yml + - compose/mqtt.yml + - compose/web.yml + - compose/push.yml + - compose/kairos.yml + - compose/cassandra.yml \ No newline at end of file diff --git a/compose/app.yml b/compose/app.yml new file mode 100644 index 00000000..8545da85 --- /dev/null +++ b/compose/app.yml @@ -0,0 +1,37 @@ +services: + app: + build: + context: ../. + # Skip installing development & test gems in production, saves 20s build time. + # If developing with Docker, this line might need to be commented out. + args: + - BUNDLE_WITHOUT=test development + env_file: ../.env + ports: + - "3000:3000" + depends_on: + # We disable some containers in production + - db + - auth + - redis + - sidekiq + - mqtt-task + - telnet-task + - push + #- mqtt + restart: always + deploy: + resources: + limits: + memory: 2gb + volumes: + - "../:/app" + #command: rails server -p 3000 -b '0.0.0.0' + #command: bash -c "rm -f tmp/pids/server.pid && bundle exec rails s -p 3000 -b '0.0.0.0'" + environment: + # For this to take effect, remove init/timeout, and in Gemfile, fix "rack-timeout" to not require anything. + RACK_TIMEOUT_SERVICE_TIMEOUT: 25 + logging: + driver: "json-file" + options: + max-size: "100m" \ No newline at end of file diff --git a/compose/auth.yml b/compose/auth.yml new file mode 100644 index 00000000..5a62a8d3 --- /dev/null +++ b/compose/auth.yml @@ -0,0 +1,7 @@ +services: + auth: + env_file: ../.env + image: smartcitizen/auth + ports: + - "3001:3000" + restart: always \ No newline at end of file diff --git a/compose/cassandra.yml b/compose/cassandra.yml new file mode 100644 index 00000000..073a4676 --- /dev/null +++ b/compose/cassandra.yml @@ -0,0 +1,34 @@ +services: + # Check if cassandra cluster is working: + # docker compose exec cassandra-1 nodetool status + cassandra-1: + image: cassandra:3.11.4 + ports: + # no need to expose all ports? + - "7000:7000" # Internode, cluster communication + - "7001:7001" # TLS Internode + - "7199:7199" # JMX + - "9042:9042" # CQL native transport + - "9160:9160" # Thrift client API + #volumes: + #- ../sck-cassandra:/var/lib/cassandra + +# cassandra-2: +# image: cassandra:3.11.4 +# ports: +# - 9142:9042 +# environment: +# - CASSANDRA_SEEDS=cassandra-1 # Use IP if on different servers +# depends_on: +# - cassandra-1 +# command: bash -c 'if [ -z "$$(ls -A /var/lib/cassandra/)" ] ; then sleep 60; fi && /docker-entrypoint.sh cassandra -f' +# +# cassandra-3: +# image: cassandra:3.11.4 +# ports: +# - 9242:9042 +# environment: +# - CASSANDRA_SEEDS=cassandra-1 # Use IP if on different servers +# depends_on: +# - cassandra-1 +# command: bash -c 'if [ -z "$$(ls -A /var/lib/cassandra/)" ] ; then sleep 120; fi && /docker-entrypoint.sh cassandra -f' diff --git a/compose/db.yml b/compose/db.yml new file mode 100644 index 00000000..20c03923 --- /dev/null +++ b/compose/db.yml @@ -0,0 +1,11 @@ +services: + db: + image: postgres:10 + volumes: + - sck-postgres:/var/lib/postgresql/data + #environment: + # NOTE: Postgres 9.5 stopped allowing connections without passwords. + # Enable this if needed. + #- POSTGRES_HOST_AUTH_METHOD=trust +volumes: + sck-postgres: \ No newline at end of file diff --git a/compose/kairos.yml b/compose/kairos.yml new file mode 100644 index 00000000..b87bb36a --- /dev/null +++ b/compose/kairos.yml @@ -0,0 +1,20 @@ +services: + # There is no official docker image for Kairos 2017-12-18 + # kairos: + # image: kairos + kairos: + env_file: ../.env + build: + context: ../scripts/ + dockerfile: Dockerfile-kairos + deploy: + restart_policy: + condition: on-failure + max_attempts: 3 + window: 120s + ports: + - 8080:8080 + - 4242:4242 #telnet + # We better not start Cassandra container in production, it eats up memory + #depends_on: + #- cassandra-1 \ No newline at end of file diff --git a/compose/mqtt-task.yml b/compose/mqtt-task.yml new file mode 100644 index 00000000..f2258b12 --- /dev/null +++ b/compose/mqtt-task.yml @@ -0,0 +1,12 @@ +services: + mqtt-task: + build: ../ + env_file: ../.env + command: bundle exec rake mqtt:sub + restart: always + volumes: + - "../log:/app/log" + logging: + driver: "json-file" + options: + max-size: "100m" diff --git a/compose/mqtt.yml b/compose/mqtt.yml new file mode 100644 index 00000000..2a29e22c --- /dev/null +++ b/compose/mqtt.yml @@ -0,0 +1,41 @@ +services: + mqtt: + # NOTE: This cannot be fully dockerized in production yet because MQTT also needs port 80 + # The MQTT server hax iptables rules that 80 -> 1883 and 443 -> 8883 + # This was done in the past to allow kits to post mqtt over 80 to prevent firewall issues. + # + #image: emqx/emqx:v2.4.7 # This is currently on mqtt server #2020-05-05 + image: emqx/emqx:v3.0.0 # last known working version on docker + ports: + - "1883:1883" # mqtt tcp + #- "8080:8080" # http:management - can clash with Kairos + - "8083:8083" # HTTP and WebSocket + - "8084:8084" # HTTPS and WSS + - "8883:8883" # MQTT SSL listener port + - "18083:18083" # Web dashboard: admin:public + - "18084:18084" # Web dashboard TLS + #- "11883:11883" + environment: + # Enable HTTPS for Dashboard: + EMQX_DASHBOARD__LISTENER__HTTPS__KEYFILE: "/opt/emqx/etc/certs/mydomain.key" + EMQX_DASHBOARD__LISTENER__HTTPS__CERTFILE: "/opt/emqx/etc/certs/final.crt" + EMQX_DASHBOARD__LISTENER__HTTPS__CACERTFILE: "/opt/emqx/etc/certs/STAR_smartcitizen_me.ca-bundle" + EMQX_DASHBOARD__LISTENER__HTTPS: 18084 + EMQX_DASHBOARD__LISTENER__HTTPS__ACCEPTORS: 2 + EMQX_DASHBOARD__LISTENER__HTTPS__MAX_CLIENTS: 512 + + EMQX_LISTENER__WSS__EXTERNAL__KEYFILE: "/opt/emqx/etc/certs/mydomain.key" + EMQX_LISTENER__WSS__EXTERNAL__CERTFILE: "/opt/emqx/etc/certs/final.crt" + EMQX_LISTENER__WSS__EXTERNAL__CACERTFILE: "/opt/emqx/etc/certs/STAR_smartcitizen_me.ca-bundle" + + EMQX_LISTENER__SSL__EXTERNAL__KEYFILE: "/opt/emqx/etc/certs/mydomain.key" + EMQX_LISTENER__SSL__EXTERNAL__CERTFILE: "/opt/emqx/etc/certs/final.crt" + EMQX_LISTENER__SSL__EXTERNAL__CACERTFILE: "/opt/emqx/etc/certs/STAR_smartcitizen_me.ca-bundle" + EMQX_LISTENER__SSL__EXTERNAL: 8883 + #EMQX_LISTENER__SSL__EXTERNAL__REUSEADDR: "true" + volumes: + # emqx.conf can be overwritten with ENV vars, so next line is not needed. Rather use ENV above + #- "./scripts/emqx-config/emqx.conf:/opt/emqx/etc/emqx.conf" + # However, acl.conf is not supported (yet), see: https://github.com/emqx/emqx-docker/issues/86 + #- "./scripts/emqx-config/acl.conf:/opt/emqx/etc/acl.conf" + - "../scripts/certs/:/opt/emqx/etc/certs/" \ No newline at end of file diff --git a/compose/push.yml b/compose/push.yml new file mode 100644 index 00000000..aa919a73 --- /dev/null +++ b/compose/push.yml @@ -0,0 +1,10 @@ +services: + # Websockets + push: + image: smartcitizen/push + environment: + - REDIS_URL=redis://redis:6379/4 + # TODO: needs SSL on ws.smartcitizen.me + restart: always + ports: + - 8000:8000 \ No newline at end of file diff --git a/compose/redis.yml b/compose/redis.yml new file mode 100644 index 00000000..b8768f34 --- /dev/null +++ b/compose/redis.yml @@ -0,0 +1,3 @@ +services: + redis: + image: redis:5 \ No newline at end of file diff --git a/compose/sidekiq.yml b/compose/sidekiq.yml new file mode 100644 index 00000000..04eec931 --- /dev/null +++ b/compose/sidekiq.yml @@ -0,0 +1,8 @@ +services: + sidekiq: + build: ../. + env_file: ../.env + command: bundle exec sidekiq + restart: always + volumes: + - "../log:/app/log" \ No newline at end of file diff --git a/compose/telnet-task.yml b/compose/telnet-task.yml new file mode 100644 index 00000000..6929a1d9 --- /dev/null +++ b/compose/telnet-task.yml @@ -0,0 +1,6 @@ +services: + telnet-task: + build: ../. + env_file: ../.env + command: bundle exec rake telnet:push + restart: always diff --git a/compose/web.yml b/compose/web.yml new file mode 100644 index 00000000..46023771 --- /dev/null +++ b/compose/web.yml @@ -0,0 +1,12 @@ +services: + web: + image: nginx + depends_on: + - app + ports: + - 80:80 + - 80:80/udp + #- 443:443 + volumes: + - ../scripts/nginx-conf/api.smartcitizen.me.conf:/etc/nginx/conf.d/api.smartcitizen.me.conf + - ../scripts/nginx.conf:/etc/nginx/nginx.conf \ No newline at end of file From a178a06b3fa1ed0e5708869b2b56f12bdb239f50 Mon Sep 17 00:00:00 2001 From: Tim Cowlishaw Date: Thu, 23 Nov 2023 15:05:08 +0100 Subject: [PATCH 6/6] add a health check to fix the issue with cassandra falling over on staging --- compose/cassandra.yml | 6 ++++++ compose/kairos.yml | 3 +++ 2 files changed, 9 insertions(+) diff --git a/compose/cassandra.yml b/compose/cassandra.yml index 073a4676..642b83df 100644 --- a/compose/cassandra.yml +++ b/compose/cassandra.yml @@ -3,6 +3,12 @@ services: # docker compose exec cassandra-1 nodetool status cassandra-1: image: cassandra:3.11.4 + healthcheck: + test: ["CMD-SHELL", "[ $$(nodetool statusgossip) = running ]"] + interval: 30s + start_period: 30s + timeout: 10s + retries: 5 ports: # no need to expose all ports? - "7000:7000" # Internode, cluster communication diff --git a/compose/kairos.yml b/compose/kairos.yml index b87bb36a..9be8840e 100644 --- a/compose/kairos.yml +++ b/compose/kairos.yml @@ -7,6 +7,9 @@ services: build: context: ../scripts/ dockerfile: Dockerfile-kairos + depends_on: + cassandra-1: + condition: service_healthy deploy: restart_policy: condition: on-failure