Skip to content

Commit

Permalink
try different approach for networking so dependencies wouldnt have to…
Browse files Browse the repository at this point in the history 
… be restarted
  • Loading branch information
@rikukissa
rikukissa committed Sep 18, 2024
1 parent 268464e commit 62c146a
Show file tree
Hide file tree
Showing 2 changed files with 67 additions and 58 deletions.
12 changes: 1 addition & 11 deletions infrastructure/deployment/deploy.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -302,22 +302,13 @@ docker_stack_deploy() {

EXISTING_STACKS=$(configured_ssh 'docker stack ls --format "{{ .Name }}" | grep -v "dependencies" | paste -sd "," -')

configured_rsync -rlD $SSH_USER@$SSH_HOST:/opt/opencrvs/infrastructure/docker-compose.dependencies.yml ./infrastructure/docker-compose.dependencies.yml

REFRESH_DEPENDENCY_NETWORKS=false

if echo $EXISTING_STACKS | grep -w $STACK > /dev/null; then
echo "Stack $STACK exists"
npx tsx infrastructure/deployment/add-networks.ts infrastructure/docker-compose.dependencies.yml "$EXISTING_STACKS" > ./docker-compose.dependencies.yml
else
echo "Stack $STACK doesnt exist. Creating"
REFRESH_DEPENDENCY_NETWORKS=true
npx tsx infrastructure/deployment/add-networks.ts infrastructure/docker-compose.dependencies.yml "$EXISTING_STACKS,$STACK" > ./docker-compose.dependencies.yml
fi

configured_rsync -rlD ./docker-compose.dependencies.yml $SSH_USER@$SSH_HOST:/opt/opencrvs/infrastructure/docker-compose.dependencies.yml

if [ "$REFRESH_DEPENDENCY_NETWORKS" = true ] || [ "$UPDATE_DEPENDENCIES" = true ]; then
if [ "$UPDATE_DEPENDENCIES" = true ]; then
echo "Updating dependency stack"
configured_ssh 'cd /opt/opencrvs && \
docker stack deploy --prune -c '$(split_and_join " " " -c " "$(to_remote_paths $DEPENDENCY_COMPOSE_FILES)")' --with-registry-auth dependencies'
Expand All @@ -326,7 +317,6 @@ docker_stack_deploy() {
configured_ssh 'cd /opt/opencrvs && \
docker stack deploy --prune -c '$(split_and_join " " " -c " "$(to_remote_paths $APPLICATION_COMPOSE_FILES)")' --with-registry-auth '$STACK


}

validate_options
Expand Down
113 changes: 66 additions & 47 deletions infrastructure/docker-compose.app.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,8 +19,9 @@ services:
- source: hearth-ext-conf.{{ts}}
target: /src/hearth/config/queryparam-extensions.json
networks:
- {{STACK}}_app_net
- dependencies_{{STACK}}_dependencies_net
{{STACK}}_app_net:
dependencies_internal_net:
aliases: []
logging:
driver: gelf
options:
Expand All @@ -46,8 +47,9 @@ services:
labels:
- 'traefik.enable=false'
networks:
- {{STACK}}_app_net
- dependencies_{{STACK}}_dependencies_net
{{STACK}}_app_net:
dependencies_internal_net:
aliases: []
logging:
driver: gelf
options:
Expand All @@ -70,7 +72,7 @@ services:
- 'traefik.http.routers.${STACK}__countryconfig.tls.domains[0].sans=*.${STACK}.{{hostname}}'
- 'traefik.http.routers.${STACK}__countryconfig.entrypoints=web,websecure'
- 'traefik.http.routers.${STACK}__countryconfig.middlewares=gzip-compression'
- 'traefik.docker.network=dependencies_{{STACK}}_dependencies_net'
- 'traefik.docker.network=dependencies_internal_net'
- 'traefik.http.middlewares.${STACK}__countryconfig.headers.customresponseheaders.Pragma=no-cache'
- 'traefik.http.middlewares.${STACK}__countryconfig.headers.customresponseheaders.Cache-control=no-store'
- 'traefik.http.middlewares.${STACK}__countryconfig.headers.customresponseheaders.X-Robots-Tag=none'
Expand Down Expand Up @@ -117,8 +119,9 @@ services:
- INFOBIP_SENDER_ID=${INFOBIP_SENDER_ID:-}
- DOMAIN=${STACK}.{{hostname}}
networks:
- {{STACK}}_app_net
- dependencies_{{STACK}}_dependencies_net
{{STACK}}_app_net:
dependencies_internal_net:
aliases: []
logging:
driver: gelf
options:
Expand All @@ -143,7 +146,7 @@ services:
- 'traefik.http.routers.${STACK}__login.tls.domains[0].sans=*.${STACK}.{{hostname}}'
- 'traefik.http.routers.${STACK}__login.entrypoints=web,websecure'
- 'traefik.http.routers.${STACK}__login.middlewares=gzip-compression'
- 'traefik.docker.network=dependencies_{{STACK}}_dependencies_net'
- 'traefik.docker.network=dependencies_internal_net'
- 'traefik.http.middlewares.${STACK}__login.headers.customresponseheaders.Pragma=no-cache'
- 'traefik.http.middlewares.${STACK}__login.headers.customresponseheaders.Cache-control=no-store'
- 'traefik.http.middlewares.${STACK}__login.headers.customresponseheaders.X-Robots-Tag=none'
Expand All @@ -152,8 +155,9 @@ services:
- 'traefik.http.middlewares.${STACK}__login.headers.stspreload=true'
replicas: 1
networks:
- {{STACK}}_app_net
- dependencies_{{STACK}}_dependencies_net
{{STACK}}_app_net:
dependencies_internal_net:
aliases: []
logging:
driver: gelf
options:
Expand All @@ -180,7 +184,7 @@ services:
- 'traefik.http.routers.${STACK}__client.tls.domains[0].main=${STACK}.{{hostname}}'
- 'traefik.http.routers.${STACK}__client.tls.domains[0].sans=*.${STACK}.{{hostname}}'
- 'traefik.http.routers.${STACK}__client.entrypoints=web,websecure'
- 'traefik.docker.network=dependencies_{{STACK}}_dependencies_net'
- 'traefik.docker.network=dependencies_internal_net'

- 'traefik.http.middlewares.${STACK}__test-replacepathregex.redirectregex.permanent=true'
- 'traefik.http.middlewares.${STACK}__test-replacepathregex.redirectregex.regex=^https?://${STACK}.{{hostname}}/(.*)'
Expand All @@ -193,8 +197,9 @@ services:
- 'traefik.http.middlewares.${STACK}__client.headers.stspreload=true'
replicas: 1
networks:
- {{STACK}}_app_net
- dependencies_{{STACK}}_dependencies_net
{{STACK}}_app_net:
dependencies_internal_net:
aliases: []
logging:
driver: gelf
options:
Expand Down Expand Up @@ -244,7 +249,7 @@ services:
- 'traefik.http.routers.${STACK}__gateway.tls.domains[0].sans=*.${STACK}.{{hostname}}'
- 'traefik.http.routers.${STACK}__gateway.entrypoints=web,websecure'
- 'traefik.http.routers.${STACK}__gateway.middlewares=gzip-compression'
- 'traefik.docker.network=dependencies_{{STACK}}_dependencies_net'
- 'traefik.docker.network=dependencies_internal_net'
- 'traefik.http.middlewares.${STACK}__gateway.headers.customresponseheaders.Pragma=no-cache'
- 'traefik.http.middlewares.${STACK}__gateway.headers.customresponseheaders.Cache-control=no-store'
- 'traefik.http.middlewares.${STACK}__gateway.headers.customresponseheaders.X-Robots-Tag=none'
Expand All @@ -253,8 +258,9 @@ services:
- 'traefik.http.middlewares.${STACK}__gateway.headers.stspreload=true'
replicas: 1
networks:
- {{STACK}}_app_net
- dependencies_{{STACK}}_dependencies_net
{{STACK}}_app_net:
dependencies_internal_net:
aliases: []
logging:
driver: gelf
options:
Expand Down Expand Up @@ -288,8 +294,9 @@ services:
- 'traefik.enable=false'
replicas: 1
networks:
- {{STACK}}_app_net
- dependencies_{{STACK}}_dependencies_net
{{STACK}}_app_net:
dependencies_internal_net:
aliases: []
logging:
driver: gelf
options:
Expand Down Expand Up @@ -318,8 +325,9 @@ services:
- 'traefik.enable=false'
replicas: 1
networks:
- {{STACK}}_app_net
- dependencies_{{STACK}}_dependencies_net
{{STACK}}_app_net:
dependencies_internal_net:
aliases: []
logging:
driver: gelf
options:
Expand All @@ -342,8 +350,9 @@ services:
volumes:
- '/opt/opencrvs/infrastructure/elasticsearch:/usr/app'
networks:
- {{STACK}}_app_net
- dependencies_{{STACK}}_dependencies_net
{{STACK}}_app_net:
dependencies_internal_net:
aliases: []
deploy:
labels:
- 'traefik.enable=false'
Expand Down Expand Up @@ -390,8 +399,9 @@ services:
- 'traefik.enable=false'
replicas: 1
networks:
- {{STACK}}_app_net
- dependencies_{{STACK}}_dependencies_net
{{STACK}}_app_net:
dependencies_internal_net:
aliases: []
logging:
driver: gelf
options:
Expand Down Expand Up @@ -431,7 +441,7 @@ services:
- 'traefik.http.routers.${STACK}__auth.tls.domains[0].main=${STACK}.{{hostname}}'
- 'traefik.http.routers.${STACK}__auth.tls.domains[0].sans=*.${STACK}.{{hostname}}'
- 'traefik.http.routers.${STACK}__auth.entrypoints=web,websecure'
- 'traefik.docker.network=dependencies_{{STACK}}_dependencies_net'
- 'traefik.docker.network=dependencies_internal_net'
- 'traefik.http.middlewares.${STACK}__auth.headers.customresponseheaders.Pragma=no-cache'
- 'traefik.http.middlewares.${STACK}__auth.headers.customresponseheaders.Cache-control=no-store'
- 'traefik.http.middlewares.${STACK}__auth.headers.customresponseheaders.X-Robots-Tag=none'
Expand All @@ -440,8 +450,9 @@ services:
- 'traefik.http.middlewares.${STACK}__auth.headers.stspreload=true'
replicas: 1
networks:
- {{STACK}}_app_net
- dependencies_{{STACK}}_dependencies_net
{{STACK}}_app_net:
dependencies_internal_net:
aliases: []
logging:
driver: gelf
options:
Expand Down Expand Up @@ -471,8 +482,9 @@ services:
- 'traefik.enable=false'
replicas: 1
networks:
- {{STACK}}_app_net
- dependencies_{{STACK}}_dependencies_net
{{STACK}}_app_net:
dependencies_internal_net:
aliases: []
logging:
driver: gelf
options:
Expand Down Expand Up @@ -506,7 +518,7 @@ services:
- 'traefik.http.routers.${STACK}__webhooks.tls.domains[0].main=${STACK}.{{hostname}}'
- 'traefik.http.routers.${STACK}__webhooks.tls.domains[0].sans=*.${STACK}.{{hostname}}'
- 'traefik.http.routers.${STACK}__webhooks.entrypoints=web,websecure'
- 'traefik.docker.network=dependencies_{{STACK}}_dependencies_net'
- 'traefik.docker.network=dependencies_internal_net'
- 'traefik.http.middlewares.${STACK}__webhooks.headers.customresponseheaders.Pragma=no-cache'
- 'traefik.http.middlewares.${STACK}__webhooks.headers.customresponseheaders.Cache-control=no-store'
- 'traefik.http.middlewares.${STACK}__webhooks.headers.customresponseheaders.X-Robots-Tag=none'
Expand All @@ -515,8 +527,9 @@ services:
- 'traefik.http.middlewares.${STACK}__webhooks.headers.stspreload=true'
replicas: 1
networks:
- {{STACK}}_app_net
- dependencies_{{STACK}}_dependencies_net
{{STACK}}_app_net:
dependencies_internal_net:
aliases: []
logging:
driver: gelf
options:
Expand Down Expand Up @@ -557,7 +570,7 @@ services:
- 'traefik.http.routers.${STACK}__config.tls.domains[0].main=${STACK}.{{hostname}}'
- 'traefik.http.routers.${STACK}__config.tls.domains[0].sans=*.${STACK}.{{hostname}}'
- 'traefik.http.routers.${STACK}__config.entrypoints=web,websecure'
- 'traefik.docker.network=dependencies_{{STACK}}_dependencies_net'
- 'traefik.docker.network=dependencies_internal_net'
- 'traefik.http.middlewares.${STACK}__config.headers.customresponseheaders.Pragma=no-cache'
- 'traefik.http.middlewares.${STACK}__config.headers.customresponseheaders.Cache-control=no-store'
- 'traefik.http.middlewares.${STACK}__config.headers.customresponseheaders.X-Robots-Tag=none'
Expand All @@ -569,8 +582,9 @@ services:
- 'traefik.http.routers.${STACK}__block-dashboard-queries.middlewares=${STACK}__block-internal-routes'
replicas: 1
networks:
- {{STACK}}_app_net
- dependencies_{{STACK}}_dependencies_net
{{STACK}}_app_net:
dependencies_internal_net:
aliases: []
logging:
driver: gelf
options:
Expand Down Expand Up @@ -599,8 +613,9 @@ services:
- MINIO_BUCKET=${STACK}--ocrvs
- COUNTRY_CONFIG_URL=http://countryconfig.{{STACK}}_{{STACK}}_app_net:3040
networks:
- {{STACK}}_app_net
- dependencies_{{STACK}}_dependencies_net
{{STACK}}_app_net:
dependencies_internal_net:
aliases: []
logging:
driver: gelf
options:
Expand All @@ -618,8 +633,9 @@ services:
labels:
- 'traefik.enable=false'
networks:
- {{STACK}}_app_net
- dependencies_{{STACK}}_dependencies_net
{{STACK}}_app_net:
dependencies_internal_net:
aliases: []
logging:
driver: gelf
options:
Expand Down Expand Up @@ -658,8 +674,9 @@ services:
restart_policy:
condition: on-failure
networks:
- {{STACK}}_app_net
- dependencies_{{STACK}}_dependencies_net
{{STACK}}_app_net:
dependencies_internal_net:
aliases: []
logging:
driver: gelf
options:
Expand Down Expand Up @@ -693,8 +710,9 @@ services:
- WEBHOOKS_MONGODB_PASSWORD=${WEBHOOKS_MONGODB_PASSWORD}
- NOTIFICATION_MONGODB_PASSWORD=${NOTIFICATION_MONGODB_PASSWORD}
networks:
- {{STACK}}_app_net
- dependencies_{{STACK}}_dependencies_net
{{STACK}}_app_net:
dependencies_internal_net:
aliases: []
logging:
driver: gelf
options:
Expand All @@ -708,8 +726,9 @@ services:
# Exceed Docker config file 500 kb file limit, thus a volume mount
- /opt/opencrvs/infrastructure/metabase/metabase.init.db.sql:/metabase.init.db.sql
networks:
- {{STACK}}_app_net
- dependencies_{{STACK}}_dependencies_net
{{STACK}}_app_net:
dependencies_internal_net:
aliases: []
environment:
- QA_ENV=true
- HOST=0.0.0.0
Expand Down Expand Up @@ -737,7 +756,7 @@ services:
- 'traefik.http.routers.${STACK}__metabase.tls.domains[0].main=${STACK}.{{hostname}}'
- 'traefik.http.routers.${STACK}__metabase.tls.domains[0].sans=*.${STACK}.{{hostname}}'
- 'traefik.http.routers.${STACK}__metabase.entrypoints=web,websecure'
- 'traefik.docker.network=dependencies_{{STACK}}_dependencies_net'
- 'traefik.docker.network=dependencies_internal_net'
- 'traefik.http.middlewares.${STACK}__metabase.headers.customresponseheaders.Pragma=no-cache'
- 'traefik.http.middlewares.${STACK}__metabase.headers.customresponseheaders.Cache-control=no-store'
- 'traefik.http.middlewares.${STACK}__metabase.headers.customresponseheaders.X-Robots-Tag=none'
Expand All @@ -761,7 +780,7 @@ configs:
mongo-on-deploy.{{ts}}:
file: /opt/opencrvs/infrastructure/mongodb/on-deploy.sh
networks:
dependencies_{{STACK}}_dependencies_net:
dependencies_internal_net:
external: true
{{STACK}}_app_net:
driver: overlay
Expand Down

0 comments on commit 62c146a

Please sign in to comment.