Commit 5775c7bd authored by LETORT Sebastien's avatar LETORT Sebastien

Merge branch 'purge_rails' into 'django'

Purge rails

See merge request !173
parents 8877a9c4 e39d5843
Pipeline #77944 passed with stages
in 7 minutes and 16 seconds
......@@ -4,13 +4,14 @@ ALLGO containers
Overview
--------
A minimal deployment of allgo consists of 4 docker images:
A minimal deployment of allgo consists of 6 docker images:
- **allgo/rails**: the rails application server
- **allgo/mysql**: the mysql database server
- **allgo/redis** : the redis application server
- **allgo/django** : the django application server
- **allgo/mysql** : the mysql database server
- **allgo/controller**: the manager for user docker containers
- **allgo/ssh**: the ssh frontend (giving access to the sandboxes)
- **allgo/toolbox**: an image containing a set of commands (scp, vi, nano,
- **allgo/ssh** : the ssh frontend (giving access to the sandboxes)
- **allgo/toolbox** : an image containing a set of commands (scp, vi, nano,
less, ...) to be mounted in the user sandboxes
These images may be deployed multiple times to implement multiple independent
......@@ -27,7 +28,7 @@ There is an extra image used only in development:
- **allgo/smtpsink**: a SMTP server that catches and stores all incoming messages into a single mailbox
Each environment has its own docker network. The nginx container is connected
to all these networks to that it can connect to the rails servers.
to all these networks.
Conventions
......@@ -37,7 +38,7 @@ All docker images use the following conventions.
### External volumes
They data is stored in:
Their data are stored in:
- `/vol/rw` for persistent data
- `/vol/ro` for persistent data in read-only access
......@@ -77,14 +78,13 @@ It provides 8 containers:
All external volumes are stored in `/data/dev/` (the path is absolute because
it is tricky to use a relative path with the allgo/docker image).
For convenience, all containers not running as root (rails, mysql, registry)
For convenience, all containers not running as root (django, mysql, registry)
have their user overridden to the UID:GID of the developer running
docker-compose. This is managed with the `DOCKERUSER` environment variable set
[in the `.env`
file](https://docs.docker.com/compose/environment-variables/#the-env-file) by
[in the `.env` file](https://docs.docker.com/compose/environment-variables/#the-env-file) by
`prepare.sh`.
For convenience (again), there is an extra external volumes for `dev-rails`,
For convenience (again), there is an extra external volume for `dev-django`,
`dev-controller` and `dev-ssh` so that the source directory of the app is mounted
inside `/opt/` (in fact it overrides the actual application files provided by
the docker image). The purpose is to avoid rebuilding a new docker image for
......@@ -93,16 +93,15 @@ each development iteration.
### Getting started
The sources are located in two repositories:
The sources are located in one repository:
- *rails-allgo*: the rails application repository
- *allgo*: the deployment repository
To set up the development environment, run:
1. get the sources
<pre>
<pre>
git clone git@gitlab.inria.fr:allgo/allgo.git
cd allgo
</pre>
......@@ -110,19 +109,19 @@ To set up the development environment, run:
2. *(as root)* create `/data/dev` and make it owned by the developer
<pre>
sudo mkdir -p /data/dev
sudo chown USER: /data/dev
sudo chown $USER: /data/dev
</pre>
3. bootstrap the environment
<pre>
<pre>
./bootstrap
</pre>
This command will run the `/dk/init_container` in every container that
needs it, then start the container.
The first run takes a very long time because all images are built from
scratch (especially the rails image which builds ruby source).
You have enough time for a coffee break.
The first run takes a few minutes because all images are built from
scratch.
You may have enough time for a short coffee break.
**Note** by default `bootstrap` works on all containers. It is possible
to give an explicit list of containers instead. Example:
......@@ -164,34 +163,34 @@ The official doc for docker-compose is available at: [https://docs.docker.com/co
</pre>
- hard cleanup (remove images too)
<pre>
<pre>
fig down --rmi local
</pre>
- restart a container
<pre>
fig restart dev-rails
fig restart dev-django
</pre>
- restart a container using a new docker image (if the image has been rebuilt since the last start)
<pre>
fig up dev-rails
<pre>
fig up dev-django
</pre>
- rebuild an image
<pre>
fig build dev-railf
<pre>
fig build dev-django
</pre>
- **Note:** most commands work on every container by default (eg: up down
start stop restart ...) they can be use on an individual container too:
<pre>
fig restart dev-controller dev-rails
<pre>
fig restart dev-controller dev-django
</pre>
- run a container with an arbitrary command (eg: to have access to the rails console)
<pre>
fig run --rm dev-rails bash
- run a container with an arbitrary command (eg: to have access to the django console)
<pre>
fig run --rm dev-django bash
</pre>
**Note:** containers created by `fig run` have the same parameters as
......@@ -199,10 +198,10 @@ The official doc for docker-compose is available at: [https://docs.docker.com/co
*allgo_dev-ssh_run_1*), which means that this container is not
reachable by the others (this may be an issue for example if you want
to run the mysqld server manually: `fig run dev-mysql mysqld` -> this
container won't be reachable by the ssh and rails containers)
container won't be reachable by the ssh and django containers)
- follow the output of all containers:
<pre>
<pre>
fig logs --tail=1 --follow
</pre>
......@@ -242,7 +241,7 @@ it as root**, otherwise it will be owned by root and you may have errors like:
If somehow you skipped this step, you can reset the ownership to the current user:
sudo chown USER: /data/dev
sudo chown -R USER: /data/dev/{registry,mysql,rails}
sudo chown -R USER: /data/dev/{registry,mysql,django}
If you are completely lost, you can just restart the initialisation from scratch:
......@@ -282,22 +281,21 @@ Hosts a mysql server listening on port 3306 with two databases: `allgo` and
- `ssh` has read only access to `allgo`
## rails
Hosts four daemons for running allgo:
## django
- the unicorn server (runnning the rails application)
- the sidekiq queue manager
- the redis db server
- a nginx frontend for buffering the HTTP requests/responses
Hosts three daemons for running the allgo web server:
- a nginx frontend for buffering the HTTP requests/responses and routing them
to the other daemons. It also serves static files directly
- the gunicorn server (running the django application)
- the allgo.aio server (serving the asynchronous requests)
This container is managed with supervisor, the `supervisorctl` command allows
starting/stopping the daemons individually.
### Running the rails server manually
### Running the django server manually
TODO ?
- run the `dev-rails` container and open a shell:
[comment]: # ( - run the `dev-rails` container and open a shell:
<pre>
fig up -d
docker exec -t -i dev-rails bash
......@@ -308,7 +306,7 @@ starting/stopping the daemons individually.
supervisorctl stop rails
rails server
</pre>
)
## ssh
......@@ -324,7 +322,7 @@ WEBAPP@sid.allgo.irisa.fr`). Each allgo webapp is mapped to a system user
gid = 65534 (nogroup)
gecos = webapps.name
shell = /bin/allgo-shell
</pre>
</pre>
- The ssh server is configured to accept key-based authentication only. The
list of public keys is obtained from the (using an AuthorizedKeysCommand).
......@@ -333,12 +331,12 @@ WEBAPP@sid.allgo.irisa.fr`). Each allgo webapp is mapped to a system user
- The connection to the sandbox is made though a unix socket and a set of pipes
in the filesystem.
## docker
## controller
Hosts the *docker-allgo-proxy* which manages all docker operations (run, stop,
rm, commit, pull, push, ...) on behalf of the rails container.
Hosts the *docker-controller* which manages all docker operations (run, stop,
rm, commit, pull, push, ...) on behalf of the django container.
Technically speaking this container had root privileges since it has access to
Technically speaking this container has root privileges since it has access to
the docker socket.
The proxy script enforces restrictions (according to the current environment: eg prod/qualif/dev) on:
......@@ -363,3 +361,5 @@ mailbox.
The mailbox is accessible with IMAP as user *sink* (password *sink*).
NOTE: in the development environment, django's default is to dump outgoing
e-mails to the console. Thus this container is only useful in the qualif setup.
......@@ -79,9 +79,6 @@ Database
integrating the database constraints (that are managed by Ruby on Rails and
not the SGDB).
It has been decided to use the same database for both rails and django but with
a different naming.
At the moment the django docker container take care of the migration by calling
the migration script. The migration process consist of two files located int
`tools` folder:
......@@ -129,7 +126,7 @@ The different configuration file for the docker file such as the nginx
configuration in the `setup/dk` directory. This includes:
- `allgo.conf`: nginx configuration for the django docker
- `container_init`: initialisation of the container (imports the rails database)
- `container_init`: initialisation of the container
- `nginx.patch`: main nginx configuration
- `run-allgo`: bash script creating the necessary directories and running the
different services necessary for the application
......
......@@ -120,24 +120,6 @@ services:
networks: [dev, sandboxes]
# RAILS
######################################################################################################################
dev-rails:
container_name: dev-rails
build: rails
user: "$DOCKERUSER"
ports:
- "127.0.0.1:3000:8080"
volumes:
- "/data/dev/rails:/vol"
- "./rails:/opt/allgo"
environment:
RAILS_ENV: development
networks: [dev]
tty: true
stdin_open: true
# SMTP
######################################################################################################################
......
{
"directory": "/opt/bower_components"
}
Dockerfile*
.git
.*.swo
.*.swp
.DS_Store
.vagrant
*.rbc
*.sassc
.sass-cache
capybara-*.html
.rspec
.rvmrc
.bundle
vendor/bundle
log
log/*
tmp/
tmp/*
db/*.sqlite3
public/system/*
coverage/
spec/tmp/*
**.orig
rerun.txt
pickle-email-*.html
.project
dump.rdb
app/assets/dockers
app/assets/dockers/*
app/assets/stylesheets/theme/
public/app/*
db/backup/*
public/datastore
.settings/
.vagrant/
deploy/.vagrant/
deploy/atom
deploy/debian-jessie
.keep
*.keep
doing.txt
active_admin.rb.old
vendor/assets/components/*
deploy/nginxconf
public/assets
.*.sw[po]
FROM allgo/base-debian
# configure the node reporisory
# http://linuxbsdos.com/2017/06/26/how-to-install-node-js-lts-on-debian-9-stretch/
RUN apt-getq install curl gnupg ca-certificates &&\
curl -sL https://deb.nodesource.com/setup_8.x | bash -
# install system packages + bower
RUN apt-getq install mariadb-client libmariadb-client-lgpl-dev-compat \
redis-server curl imagemagick git ca-certificates \
gcc g++ make libc6-dev file libffi-dev libgdbm-dev libgmp-dev \
libncurses5-dev libncursesw5-dev libreadline6-dev libssl-dev \
libyaml-dev openssl procps systemtap-sdt-dev zlib1g-dev \
nodejs npm supervisor nginx-light zip \
&& ln -s /usr/bin/nodejs /usr/local/bin/node \
&& npm install -g bower
# build & install ruby
ENV PATH="/opt/ruby/bin:$PATH"
COPY deploy/docker/ruby /tmp/ruby
RUN apply-patches /tmp/ruby/*.diff &&\
useradd -m -s /bin/bash allgo &&\
chown allgo: /opt &&\
su allgo -c 'sh /tmp/ruby/install.sh'
# install ruby gems
COPY Gemfile* /tmp/
RUN cd /tmp && chown allgo: /tmp/Gemfile* && su allgo -c "bundle install"
# install bower modules under /opt/bower_components
# (so that they are located in the docker image, even when /opt/allgo is mounted from an external volume)
COPY bower.json .bowerrc /tmp/
RUN mkdir /opt/bower_components &&\
chown allgo: /opt/bower_components &&\
cd /tmp && su allgo -c "bower install"
# install allgo sources + run setup script
COPY . /opt/allgo
RUN sh /opt/allgo/deploy/docker/setup/setup.sh
USER allgo
WORKDIR /opt/allgo
CMD ["run-allgo"]
LABEL dk.migrate_always=1
This diff is collapsed.
GIT
remote: https://github.com/mbleigh/acts-as-taggable-on.git
revision: 8e64c3d4a81cfbb8af621228eae36a65c1f94501
specs:
acts-as-taggable-on (4.0.0)
activerecord (>= 4.0)
GIT
remote: https://github.com/plataformatec/devise.git
revision: 2cf18f99e040853db587a3acdaf6c91737a1fa1c
branch: master
specs:
devise (4.4.3)
bcrypt (~> 3.0)
orm_adapter (~> 0.1)
railties (>= 4.1.0, < 6.0)
responders
warden (~> 1.2.3)
GIT
remote: https://github.com/sinatra/sinatra.git
revision: af6dad2a6c31e31617712b15f455b2a3d3eb1c06
specs:
rack-protection (2.0.0.beta2)
rack
sinatra (2.0.0.beta2)
mustermann (= 1.0.0.beta2)
rack (~> 2.0)
rack-protection (= 2.0.0.beta2)
tilt (~> 2.0)
GEM
remote: https://rubygems.org/
specs:
actioncable (5.0.7)
actionpack (= 5.0.7)
nio4r (>= 1.2, < 3.0)
websocket-driver (~> 0.6.1)
actionmailer (5.0.7)
actionpack (= 5.0.7)
actionview (= 5.0.7)
activejob (= 5.0.7)
mail (~> 2.5, >= 2.5.4)
rails-dom-testing (~> 2.0)
actionpack (5.0.7)
actionview (= 5.0.7)
activesupport (= 5.0.7)
rack (~> 2.0)
rack-test (~> 0.6.3)
rails-dom-testing (~> 2.0)
rails-html-sanitizer (~> 1.0, >= 1.0.2)
actionview (5.0.7)
activesupport (= 5.0.7)
builder (~> 3.1)
erubis (~> 2.7.0)
rails-dom-testing (~> 2.0)
rails-html-sanitizer (~> 1.0, >= 1.0.3)
activejob (5.0.7)
activesupport (= 5.0.7)
globalid (>= 0.3.6)
activemodel (5.0.7)
activesupport (= 5.0.7)
activerecord (5.0.7)
activemodel (= 5.0.7)
activesupport (= 5.0.7)
arel (~> 7.0)
activesupport (5.0.7)
concurrent-ruby (~> 1.0, >= 1.0.2)
i18n (>= 0.7, < 2)
minitest (~> 5.1)
tzinfo (~> 1.1)
addressable (2.4.0)
arel (7.1.4)
ast (2.3.0)
autoprefixer-rails (6.5.0.2)
execjs
axiom-types (0.1.1)
descendants_tracker (~> 0.0.4)
ice_nine (~> 0.11.0)
thread_safe (~> 0.3, >= 0.3.1)
bcrypt (3.1.11)
better_errors (2.1.1)
coderay (>= 1.0.0)
erubis (>= 2.6.6)
rack (>= 0.9.0)
binding_of_caller (0.7.2)
debug_inspector (>= 0.0.1)
bootstrap-sass (3.3.7)
autoprefixer-rails (>= 5.2.1)
sass (>= 3.3.4)
bower-rails (0.11.0)
brakeman (3.4.0)
builder (3.2.3)
bullet (5.4.2)
activesupport (>= 3.0.0)
uniform_notifier (~> 1.10.0)
capistrano (2.15.5)
highline
net-scp (>= 1.0.0)
net-sftp (>= 2.0.0)
net-ssh (>= 2.0.14)
net-ssh-gateway (>= 1.1.0)
capybara (2.10.0)
addressable
mime-types (>= 1.16)
nokogiri (>= 1.3.3)
rack (>= 1.0.0)
rack-test (>= 0.5.4)
xpath (~> 2.0)
client_side_validations (9.0.1)
jquery-rails (~> 4.2)
js_regex (~> 1.2)
rails (~> 5.0.0, >= 5.0.0.1)
climate_control (0.0.3)
activesupport (>= 3.0)
cocaine (0.5.8)
climate_control (>= 0.0.3, < 1.0)
code_analyzer (0.4.7)
sexp_processor
codeclimate-engine-rb (0.3.1)
virtus (~> 1.0)
coderay (1.1.1)
coercible (1.0.0)
descendants_tracker (~> 0.0.1)
coffee-rails (4.2.1)
coffee-script (>= 2.2.0)
railties (>= 4.0.0, < 5.2.x)
coffee-script (2.4.1)
coffee-script-source
execjs
coffee-script-source (1.10.0)
colorize (0.8.1)
concurrent-ruby (1.0.5)
connection_pool (2.2.0)
crass (1.0.4)
cucumber (2.4.0)
builder (>= 2.1.2)
cucumber-core (~> 1.5.0)
cucumber-wire (~> 0.0.1)
diff-lcs (>= 1.1.3)
gherkin (~> 4.0)
multi_json (>= 1.7.5, < 2.0)
multi_test (>= 0.1.2)
cucumber-core (1.5.0)
gherkin (~> 4.0)
cucumber-wire (0.0.1)
daemons (1.2.4)
debug_inspector (0.0.2)
descendants_tracker (0.0.4)
thread_safe (~> 0.3, >= 0.3.1)
diff-lcs (1.2.5)
equalizer (0.0.11)
erubis (2.7.0)
eventmachine (1.2.0.1)
execjs (2.7.0)
factory_girl (4.7.0)
activesupport (>= 3.0.0)
factory_girl_rails (4.7.0)
factory_girl (~> 4.7.0)
railties (>= 3.0.0)
faker (1.6.6)
i18n (~> 0.5)
ffi (1.9.14)
flay (2.8.1)
erubis (~> 2.7.0)
path_expander (~> 1.0)
ruby_parser (~> 3.0)
sexp_processor (~> 4.0)
flog (4.4.0)
path_expander (~> 1.0)
ruby_parser (~> 3.1, > 3.1.0)
sexp_processor (~> 4.4)
font-awesome-rails (4.7.0.1)
railties (>= 3.2, < 5.1)
gherkin (4.0.0)
globalid (0.4.1)
activesupport (>= 4.2.0)
highline (1.7.8)
i18n (0.9.5)
concurrent-ruby (~> 1.0)
ice_nine (0.11.2)
jbuilder (2.6.0)
activesupport (>= 3.0.0, < 5.1)
multi_json (~> 1.2)
jquery-fileupload-rails (0.4.7)
actionpack (>= 3.1)
railties (>= 3.1)
sass (>= 3.2)
jquery-rails (4.2.2)
rails-dom-testing (>= 1, < 3)
railties (>= 4.2.0)
thor (>= 0.14, < 2.0)
js_regex (1.2.1)
regexp_parser (>= 0.3.6, <= 0.4.2)
json (1.8.6)
kgio (2.10.0)
launchy (2.4.3)
addressable (~> 2.3)
listen (3.0.8)
rb-fsevent (~> 0.9, >= 0.9.4)
rb-inotify (~> 0.9, >= 0.9.7)
logstash-event (1.2.02)
logstasher (1.0.1)
activerecord (>= 4.0)
activesupport (>= 4.0)
logstash-event (~> 1.2.0)
request_store
loofah (2.2.2)
crass (~> 1.0.2)
nokogiri (>= 1.5.9)
mail (2.7.0)
mini_mime (>= 0.1.1)
method_source (0.9.0)
mime-types (3.1)
mime-types-data (~> 3.2015)
mime-types-data (3.2016.0521)
mimemagic (0.3.2)
mini_mime (1.0.0)
mini_portile2 (2.3.0)
minitest (5.11.3)
multi_json (1.12.1)
multi_test (0.1.2)
mustermann (1.0.0.beta2)
mysql2 (0.4.4)
net-scp (1.2.1)
net-ssh (>= 2.6.5)
net-sftp (2.1.2)
net-ssh (>= 2.6.5)
net-ssh (3.2.0)
net-ssh-gateway (1.2.0)
net-ssh (>= 2.6.5)
nio4r (2.3.0)
nokogiri (1.8.2)
mini_portile2 (~> 2.3.0)
orm_adapter (0.5.0)
paperclip (5.1.0)
activemodel (>= 4.2.0)
activesupport (>= 4.2.0)
cocaine (~> 0.5.5)