Commit c653e9ba authored by RyanHerb's avatar RyanHerb

Merge branch 'feature/docker_compose' into dev

parents 8f306b2a 1d428c17
......@@ -520,61 +520,84 @@ make functional
$ sudo dpkg -i path/to/package
* Docker
** Building the necessary images
The vidjil docker image is built on an Ubuntu image equipped with systemd.
This is a custom image for which the Dockerfile can be found in
docker/ubuntu_systemd.
In order to build the vidjil_ubuntu image, simply run
$ docker build -t ubuntu_systemd .
from the ubuntu_systemd directory. And then
$ docker build -t vidjil_ubuntu .
** Starting a Vidjil docker environment
Traditionnally the Vidjil Team uses a MySQL database to store user data,
so in this guide we will cover setting up a MySQL Docker alongside the Vidjil Docker.
Start the mysql container. If the tagged version is not available locally it will be pulled automatically:
$ docker run --name <mysql-name> -e MYSQL_ROOT_PASSWORD=<my-secret-pw> -d mysql/mysql-server:<tag>
Get the container's ip address:
$ docker inspect <mysql-name> | grep -i ip
Setup the vidjil databse:
$ mysql -h <container-ip> -u root -p
$ create database <vidjil-database>;
$ create user <vidjil-user>;
$ grant all on <vidjil-database>.* to '<vidjil-user>'@'%';
$ set password for '<vidjil-user>'@'%' = PASSWORD('<vidjil-user-password>');
Exit the MySQL interface and edit your local defs.py file to match the newly created database:
$ DB_ADDRESS = 'mysql://<vidjil-user>:<vidjil-user-password>@<mysql-conainer-ip>/<vidjil-database>'
Start the vidjil Docker:
$ docker run --name <vidjil-container-name>\
--link <mysql-name>:mysql\
--privileged\
-d\
-v /sys/fs/cgroup:/sys/fs/cgroup:ro\
-v <path-to-defs>:/etc/vidjil/defs.py\
-p 80:80\
-p 443:443\
vidjil_ubuntu
Make sure it works:
$ curl http://localhost/browser
$ curl https://localhost/vidjil
The vidjil Docker environment is managed by Docker Compose since it is
composed of several different services this allows us to easily start and
stop individual services.
The services are as follows:
- mysql The database
- postfix The mailing server
- uwsgi The Web2py backend server
- fuse The XmlRPCServer that handles custom fuses (for comparing
samples)
- nginx The web server
- workers The Web2py Scheduler workers in charge of executing vidjil
users' samples
- reporter A monitoring utility that can be configured to send
monitoring information to a remote server
** Configuring the Vidjil container
Should you wish to further customise your vidjil environment, most configuration files are located in /etc/vidjil/.
Here is a list of thos files:
apache_web2py configuration required when running vidjil with apache2
conf.js contains various variables for the vidjil browser
defs.py contains various variables for the vidjil server
nginx_gzip.conf configuration for gzip in nginx
nginx_gzip_static.conf same as the previous but for static ressources
nginx_web2py configuration required when running vidjil with nginx
systemd_fuse_server.service systemd service that starts the vidjil fuse server
systemd_web2py_scheduler.service systemd service that starts the vidjil scheduler workers
uwsgi.ini configuration required to run vidjil with uwsgi
If you are using this environment for use on localhost, everything should
work out of the box, simply skip ahead to the section about building the
image and running the services.
However you may need to further configure the setup in order to make it
available to a whole network.
Here is a list of the configuration files found in the vidjil directory:
conf/conf.js contains various variables for the vidjil browser
conf/defs.py contains various variables for the vidjil server
conf/gzip.conf configuration for gzip in nginx
conf/gzip_static.conf same as the previous but for static ressources
conf/uwsgi.ini configuration required to run vidjil with uwsgi
sites/nginx configuration required when running vidjil with nginx
scripts/nginx-entrypoint.sh entrypoint for the nginx
service (not currently in use)
scripts/uwsgi-entrypoint.sh entrypoint for the uwsgi
service. Ensures the owner of some relevant volumes are correct within
the container and starts uwsgi
Here are some notable configuration changes you should consider:
- Change the mysql user/password in docker-compose.yml. You will also
need to change the DB_ADDRESS in conf/defs.py to match it.
- Change the hostname in the nginx configuration vidjil/sites/nginx_conf
. If you are using vidjil on a network, then this might be required.
- Change the default admin password. Login as plop@plop.com password 1234
and go to the following URL: https://<your
hostname>/vidjil/default/user/change_password
- Change the ssl certificates. When building the image vidjil-server
which creates a self-signed certificate for the sake of convenience to
ensure the HTTPS queries work from the start, but this may not be
acceptable for a production environment.
In order to replace certificates the current method is to mount the
certificates to /etc/nginx/ssl with docker volumes in
docker-compose.yml.
- Change the FROM_EMAIL and ADMIN_EMAILS variables in conf/defs.py. These
represent the sender email address and the destination email addresses,
used in reporting patient milestones and server errors.
- Change the volumes in docker-compose.yml. By default all files that
require saving outside of the containers (the database, uploads, vidjil
results and log files) are stored in /opt/vidjil , but you can change
this by editing the paths in the volumes.
- Configure the reporter. Ideally this container should be posistionned
on a remote server in order to be able to report on a down server, but we have packed it here for convenience.
** Building and starting the environment
Building the image is simple and can be done prior to editing the
configuration files if you so wish although it is not necessary.
The docker image is not on the DockerHub and therefore needs to be built
before it can be used.
$ docker-compose build
Running the services:
$ docker-compose up
Shorthand for the two previous commands:
$ docker-compose up --build
FROM ubuntu:16.04
COPY entrypoint.sh /usr/local/bin/entrypoint.sh
ENTRYPOINT ["/usr/local/bin/entrypoint.sh"]
......@@ -6,7 +6,7 @@ services:
- MYSQL_ROOT_PASSWORD=MySRPimSRP
volumes:
- ./mysql/:/docker-entrypoint-initdb.d/
- /var/lib/mysql:/var/lib/mysql
- /opt/vidjil/mysql:/var/lib/mysql
postfix:
image: catatnight/postfix
environment:
......@@ -23,8 +23,7 @@ services:
- /opt/vidjil/result/results:/mnt/result/results
- /opt/vidjil/result/tmp:/mnt/result/tmp
- /opt/vidjil/upload/uploads:/mnt/upload/uploads
- /var/vidjil:/var/vidjil
- /home/ryan/vidjil:/usr/share/vidjil
- /opt/vidjil/log:/var/vidjil
depends_on:
- mysql
- postfix
......@@ -35,13 +34,13 @@ services:
- fuse:fuse
fuse:
image: vidjil:test
command: bash /entrypoints/fuse-entrypoint.sh
volumes:
- /home/user/vidjil:/usr/share/vidjil
- /opt/vidjil/result/results:/mnt/result/results
- /opt/vidjil/result/tmp:/mnt/result/tmp
- /opt/vidjil/upload/uploads:/mnt/upload/uploads
nginx:
image: vidjil:test
volumes:
- /home/user/vidjil:/usr/share/vidjil
#- /home/user/ssl:/etc/nginx/ssl
depends_on:
- uwsgi
links:
......@@ -50,7 +49,7 @@ services:
- "80:80"
- "443:443"
#command: bash /entrypoints/nginx-entrypoint.sh
command: nginx -g 'daemon off;'
command: bash -c "spawn-fcgi -u www-data -s /var/run/fcgiwrap.socket /usr/sbin/fcgiwrap ; nginx -g 'daemon off;'"
workers:
image: vidjil:test
......@@ -60,8 +59,7 @@ services:
- /opt/vidjil/result:/mnt/result
- /opt/vidjil/result/tmp:/mnt/result/tmp
- /opt/vidjil/upload:/mnt/upload
- /var/vidjil:/var/vidjil
- /home/ryan/vidjil:/usr/share/vidjil
- /opt/vidjil/log:/var/vidjil
depends_on:
- uwsgi
- mysql
......@@ -75,8 +73,7 @@ services:
- /opt/vidjil/result/results:/mnt/result/results
- /opt/vidjil/result/tmp:/mnt/result/tmp
- /opt/vidjil/upload/uploads:/mnt/upload/uploads
- /var/vidjil:/var/vidjil
- /home/ryan/vidjil:/usr/share/vidjil
- /opt/vidjil/log:/var/vidjil
- ./reporter/code:/opt/reporter
depends_on:
- uwsgi
......
CREATE USER vidjil_user;
SET PASSWORD FOR vidjil_user = PASSWORD('rootpass');
CREATE USER vidjil;
SET PASSWORD FOR vidjil = PASSWORD('rootpass');
CREATE DATABASE vidjil;
GRANT ALL ON vidjil.* TO 'vidjil_user'@'%';
GRANT ALL ON vidjil.* TO 'vidjil'@'%';
from vidjil:test
run apt-get update && apt-get install -y cron python python-pip iputils-ping
run apt-get clean && rm -rf /var/lib/apt/lists/* && apt-get update && apt-get install -y cron python python-pip iputils-ping
run pip install crontab requests
......
username ryan
username vidjil
key /home/ryan/.ssh/id_rsa
monitor http://monitor.vidjil.org/server
python /usr/bin/python
servername vidjil-ryan
servername vidjil-docker
cron_user www-data
cron 0 5 * * * *
host 127.0.0.1
path /home/www-data/vidjil
path /usr/share/vidjil
local true
......@@ -135,7 +135,7 @@ def run_scripts(params):
for key in scripts:
#remove file extensions
new_key = key.split('.')[0]
if params['local'] != 'False':
if params['local'] == 'False':
results[new_key] = tunnel(params['host'], params['username'], params['key'], params['path'], scripts[key])
else:
results[new_key] = execute(params['path'], scripts[key])
......
revision git_rev.sh
patients count-patients.sh
samples count-samples.sh
uptime uptime.sh
......
File mode changed from 100644 to 100755
File mode changed from 100644 to 100755
File mode changed from 100644 to 100755
File mode changed from 100644 to 100755
File mode changed from 100644 to 100755
File mode changed from 100644 to 100755
File mode changed from 100644 to 100755
* * * * * root /usr/bin/python /opt/reporter/reporter.py >> /var/log/cron.log 2>&1
0 5 * * * root /usr/bin/python /opt/reporter/reporter.py >> /var/log/cron.log 2>&1
......@@ -16,10 +16,10 @@ run set -x \
&& chmod +x /usr/local/bin/gosu \
&& apt-get purge -y --auto-remove ca-certificates wget
run echo deb http://rby.vidjil.org:8080/archive sid/all/ >> /etc/apt/sources.list
run echo deb http://rby.vidjil.org:8080/archive sid/amd64/ >> /etc/apt/sources.list
run echo deb http://rby.vidjil.org:8080/archive wheezy/all/ >> /etc/apt/sources.list
run echo deb http://rby.vidjil.org:8080/archive wheezy/amd64/ >> /etc/apt/sources.list
run echo deb http://vda.vidjil.org:8080/archive sid/all/ >> /etc/apt/sources.list
run echo deb http://vda.vidjil.org:8080/archive sid/amd64/ >> /etc/apt/sources.list
run echo deb http://vda.vidjil.org:8080/archive wheezy/all/ >> /etc/apt/sources.list
run echo deb http://vda.vidjil.org:8080/archive wheezy/amd64/ >> /etc/apt/sources.list
run echo "vidjil-server vidjil/reconfigure-webserver string nginx" > preseed.txt
run echo "vidjil-server vidjil/restart-webserver boolean false" >> preseed.txt
......@@ -36,7 +36,7 @@ run echo "vidjil-server vidjil/ssl-email string team@vidjil.org" >> preseed.txt
run debconf-set-selections preseed.txt
run gpg --recv-keys --keyserver rby.vidjil.org 9187987418E1A625
run apt-get update ; apt-get install --no-install-recommends --no-install-suggests -y -q sudo curl apt-utils uwsgi-plugin-python nginx-full
run apt-get update ; apt-get install --no-install-recommends --no-install-suggests -y -q sudo curl apt-utils uwsgi-plugin-python nginx-full fcgiwrap
run apt-get update ; DEBIAN_FRONTEND=noninteractive apt-get -y -q --allow-unauthenticated install vidjil-archive-keyring
run apt-get update ; DEBIAN_FRONTEND=noninteractive apt-get install --no-install-recommends --no-install-suggests -y -q --allow-unauthenticated vidjil-server
......@@ -56,5 +56,6 @@ copy ./conf/defs.py /etc/vidjil/defs.py
copy ./conf/conf.js /etc/vidjil/conf.js
copy ./scripts/nginx-entrypoint.sh /entrypoints/nginx-entrypoint.sh
copy ./scripts/uwsgi-entrypoint.sh /entrypoints/uwsgi-entrypoint.sh
copy ./scripts/fuse-entrypoint.sh /entrypoints/fuse-entrypoint.sh
run mkdir /usr/share/vidjil/server/web2py/applications/vidjil/databases && touch /usr/share/vidjil/server/web2py/applications/vidjil/databases/sql.log
run adduser vidjil && usermod -aG sudo vidjil
......@@ -40,5 +40,5 @@ var config = {
// "autoload_analysis" : "data/Stanford-S22.analysis"
// Proxy config for IMGT querying
"proxy": "http://localhost/proxy"
"proxy": "https://localhost/vidjil/proxy/imgt"
}
......@@ -42,6 +42,7 @@ DIR_MIXCR = '/usr/bin'
DIR_GERMLINE = '/usr/share/vidjil/germline'
### Port on which to run the fuse server
### Used in models/task.py and in /server/fuse_server.py
FUSE_SERVER = 'fuse'
PORT_FUSE_SERVER = 12789
### Log files
......@@ -59,3 +60,8 @@ REVERSE_IP = '/home/vidjil/ips.txt'
### Locus (should be parsed from germlines.data)
LOCUS = ['TRA', 'TRA+D', 'TRB', 'TRG', 'TRD', 'TRD+',
'IGH', 'IGH+', 'IGK', 'IGK+', 'IGL']
# Preventu upload and run when 1% space is left in target disk
FS_LOCK_THRESHHOLD = 1
SCHEDULER_HEARTBEAT = 5
#!/bin/bash
cd /usr/share/vidjil/server
/usr/local/bin/gosu www-data python fuse_server.py
#!/bin/bash
chown -R www-data:www-data /mnt/results
chown -R www-data:www-data /mnt/uploads
chown -R www-data:www-data /mnt/result
chown -R www-data:www-data /mnt/upload
chown -R www-data:www-data /usr/share/vidjil/server/web2py/applications/vidjil/databases
/usr/local/bin/gosu www-data /usr/bin/uwsgi --ini /etc/uwsgi/apps-enabled/web2py.ini
......@@ -54,16 +54,6 @@ server {
#}
###
location ~* ^/(\w+)/static/ {
root /usr/share/vidjil/server/web2py/applications/;
expires max;
### if you want to use pre-gzipped static files (recommended)
### check scripts/zip_static_files.py and remove the comments
# include /etc/nginx/conf.d/web2py/gzip_static.conf;
###
}
client_max_body_size 20G;
location /cgi/ {
......
......@@ -20,7 +20,7 @@ def fuse(cmd, output_dir, filename):
return fuse_filepath
def main():
server = SimpleXMLRPCServer(("localhost", defs.PORT_FUSE_SERVER))
server = SimpleXMLRPCServer((defs.FUSE_SERVER, defs.PORT_FUSE_SERVER))
server.register_function(fuse, "fuse")
while True:
server.handle_request()
......
......@@ -577,7 +577,7 @@ def custom_fuse(file_list):
files += os.path.abspath(defs.DIR_RESULTS + db.results_file[id].data_file) + " "
cmd = "python "+ os.path.abspath(defs.DIR_FUSE) +"/fuse.py -o "+output_file+" -t 100 "+files
proc_srvr = xmlrpclib.ServerProxy("http://localhost:%d" % defs.PORT_FUSE_SERVER)
proc_srvr = xmlrpclib.ServerProxy("http://%s:%d" % (defs.FUSE_SERVER, defs.PORT_FUSE_SERVER))
fuse_filepath = proc_srvr.fuse(cmd, out_folder, output_filename)
try:
......
......@@ -48,6 +48,7 @@ DIR_GERMLINE = DIR_VIDJIL + 'germline/'
### Port on which to run the fuse server
### Used in models/task.py and in /server/fuse_server.py
FUSE_SERVER = 'localhost'
PORT_FUSE_SERVER = 12789
### Log files
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment