Test of first full stack deployment

2025-12-23 06:32:07 +00:00 · 2024-01-12 18:07:20 +00:00
parent d183e43427
commit f8d575d5b0
3 changed files with 164 additions and 79 deletions
--- a/backend.yaml
+++ b/backend.yaml
@@ -15,42 +15,8 @@ services:
      - /var/run/docker.sock:/var/run/docker.sock
      - /var/lib/docker/volumes:/var/lib/docker/volumes
    networks:
-      - i-form_research_server_stack
+      i-form_research_server_stack:
-  # A traefik instance provides load balancing and reverse proxying for our services
+        ipv4_address: "172.252.0.5"
  traefik:
    image: traefik:latest
    # Enables the web UI and tells Traefik to listen to docker
    command:
      - "--api.insecure=true"
      - "--providers.docker=true"
      - "--providers.docker.exposedbydefault=false"
      - "--providers.docker.network=traefik"
      - "--entrypoints.web.address=:80"
      - "--entrypoints.websecure.address=:443"
      - "--entrypoints.web.http.redirections.entryPoint.to=websecure"
      - "--entrypoints.web.http.redirections.entryPoint.scheme=https"
      - "--entrypoints.web.http.redirections.entryPoint.priority=10" # disable permanent forwarding for every route
      - "--certificatesresolvers.myresolver.acme.tlschallenge=true" # <== Enable TLS-ALPN-01 to generate and renew ACME certs
      - "--certificatesresolvers.myresolver.acme.email=${useremail}"
      - "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json"
      - "--certificatesresolvers.myresolver.acme.httpchallenge.entrypoint=web"
    ports:
      # - "80:80"
      # - "443:443"
      - "8089:8080"
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - traefik:/etc/traefik
      - letsencrypt:/letsencrypt
    deploy:
      replicas: 1
      restart_policy:
        condition: on-failure
    networks:
      - i-form_research_server_stack
    # secrets:
    #   - traefik_cert
    #   - traefik_key
  ###~~~~~~ Then, we will need numerous databases for our various services ~~~~~~###
  # We want neo4j as a graph database that can easily be used by other services
  neo4j:
@@ -59,7 +25,7 @@ services:
      - "7474:7474"
      - "7687:7687"
    volumes:
-      - neo4j:/data
+      - stack_neo4j:/data
    deploy:
      replicas: 1
      restart_policy:
@@ -90,10 +56,11 @@ services:
  #     LC_ALL: C.UTF-8
  #     POSTGRES_PASSWORD: /run/secrets/dataverse_postgres_key
  #   volumes:
-  #     - dataverse_db:/var/lib/postgresql/data/ # persist data even if container shuts down
+  #     - stack_dataverse_db:/var/lib/postgresql/data/ # persist data even if container shuts down
-  #     - dataverse_triggers:/triggers
+  #     - stack_dataverse_triggers:/triggers
  #   networks:
-  #     - i-form_research_server_stack
+  #     i-form_research_server_stack:
  #        ipv4_address: "172.252.0.6"
  #   labels:
  #     - "traefik.enable=true"
  #     - "traefik.http.routers.go.rule=Path(`/`)"
@@ -124,14 +91,14 @@ services:
      MYSQL_USER: "elabftw"
      MYSQL_PASSWORD_FILE: /run/secrets/elabftw_sql_key
      MYSQL_ROOT_PASSWORD: "test" # MYSQL_RANDOM_ROOT_PASSWORD: 1
-      MYSQL_HOST: "172.252.0.3"
+      MYSQL_HOST: "172.252.0.15"
-      MYSQL_ROOT_HOST: "172.252.0.3" # Must allow root access from any host or won't work on swarm
+      MYSQL_ROOT_HOST: "172.252.0.15" # Must allow root access from any host or won't work on swarm
      TZ: "Europe/Paris"
    volumes:
-      - elabftw_sql:/var/lib/mysql
+      - stack_elabftw_sql:/var/lib/mysql
    networks:
      i-form_research_server_stack:
-        ipv4_address: "172.252.0.2"
+        ipv4_address: "172.252.0.7"
  ###~~~~~~ Then, we plan our general utility services ~~~~~~###
  # The following service is a simple nginx server that hosts static websites
  nginx:
@@ -139,13 +106,14 @@ services:
    ports:
      - "80:80"
    volumes:
-      - web:/usr/share/nginx/html
+      - stack_web:/usr/share/nginx/html
    deploy:
      replicas: 1
      restart_policy:
        condition: on-failure
    networks:
-      - i-form_research_server_stack
+      i-form_research_server_stack:
        ipv4_address: "172.252.0.8"
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.go.rule=Path(`/`)"
@@ -171,7 +139,7 @@ services:
  #     - "SOLR_JAVA_MEM=-Xms1g -Xmx1g"
  #     - "SOLR_OPTS=-Dlog4j2.formatMsgNoLookups=true"
  #   volumes:
-  #     - dataverse_solr_data:/opt/solr/server/solr/collection1/data
+  #     - stack_dataverse_solr_data:/opt/solr/server/solr/collection1/data
  #     # - dataverse_config:/opt/solr/server/solr/collection1/conf/
  #     - type: bind
  #       source: dataverse_schema
@@ -185,12 +153,13 @@ services:
  #     - "traefik.http.routers.solr.tls=true"
  #     - "traefik.http.routers.solr.tls.certresolver=myresolver"
  #   networks:
-  #     - i-form_research_server_stack
+  #     i-form_research_server_stack:
  #       ipv4_address: "172.252.0.9"
  # minio:
  #   image: minio/minio:RELEASE.2021-10-06T23-36-31Z
  #   volumes:
-  #     - dataverse_minio:/data
+  #     - stack_dataverse_minio:/data
  #   command:
  #     - server
  #     - /data
@@ -217,7 +186,8 @@ services:
  #       - traefik.http.routers.minio-console.rule=Host(`minio-stash.${traefikhost}`)
  #       - traefik.http.services.minio-console.loadbalancer.server.port=9001
  #   networks:
-  #     - i-form_research_server_stack
+  #     i-form_research_server_stack:
  #       ipv4_address: "172.252.0.10"
  # dataverse:
  #   image: coronawhy/dataverse:5.13.allclouds
@@ -302,12 +272,12 @@ services:
  #     - postgres
  #     - solr
  #   volumes:
-  #     - dataverse_secrets:/secrets
+  #     - stack_dataverse_secrets:/secrets
-  #     - dataverse_data:/data
+  #     - stack_dataverse_data:/data
-  #     - dataverse_docroot:/opt/docroot
+  #     - stack_dataverse_docroot:/opt/docroot
-  #     - dataverse_init:/opt/payara/init.d
+  #     - stack_dataverse_init:/opt/payara/init.d
-  #     - dataverse_triggers:/opt/payara/triggers
+  #     - stack_dataverse_triggers:/opt/payara/triggers
-  #     # - dataverse_config:/opt/payara/dvinstall
+  #     # - stack_dataverse_config:/opt/payara/dvinstall
  #     - type: bind
  #       source: dataverse_schema
  #       target: /opt/payara/dvinstall/schema.xml
@@ -320,4 +290,63 @@ services:
  #     - "traefik.http.routers.dataverse.tls=true"
  #     - "traefik.http.routers.dataverse.tls.certresolver=myresolver"
  #   networks:
-  #     - i-form_research_server_stack
+  #     i-form_research_server_stack:
  #       ipv4_address: "172.252.0.11"
 networks:
  i-form_research_server_stack:
    external: true
 volumes:
  stack_rsync_run:
    external: true
  stack_rsync_log:
    external: true
  stack_rsync_etc:
    external: true
  stack_traefik:
    external: true
  stack_letsencrypt:
    external: true
  stack_coredns:
    external: true
  stack_web:
    external: true
  stack_grafana:
    external: true
  stack_dataverse:
    external: true
  stack_dataverse_db:
    external: true
  stack_dataverse_secrets:
    external: true
  stack_dataverse_solr_data:
    external: true
  stack_dataverse_triggers:
    external: true
  stack_dataverse_solr:
    external: true
  stack_dataverse_minio:
    external: true
  stack_dataverse_config:
    external: true
  stack_dataverse_schema:
    external: true
  stack_dataverse_init:
    external: true
  stack_dataverse_data:
    external: true
  stack_dataverse_docroot:
    external: true
  stack_neo4j:
    external: true
  stack_senaite:
    external: true
  stack_elabftw_uploads:
    external: true
  stack_elabftw_var:
    external: true
  stack_elabftw_etc:
    external: true
  stack_elabftw_sql:
    external: true
--- a/7
+++ b/7
@@ -81,11 +81,10 @@ def deploy_stack(username: str, password: str, stack_name: Optional[str] = "stac
    stacks = portainer.StacksApi(client)
    # Then, deploy the substacks using the API
    print("Deploying substacks via portainer API")
    # portainer_deploy_stack("secrets", stacks, endpoint_id)
    portainer_deploy_stack("networks", stacks, endpoint_id)
-    # portainer_deploy_stack("volumes", stacks, endpoint_id)
+    portainer_deploy_stack("volumes", stacks, endpoint_id)
-    # portainer_deploy_stack("backend", stacks, endpoint_id)
+    portainer_deploy_stack("backend", stacks, endpoint_id)
-    # portainer_deploy_stack("frontend", stacks, endpoint_id)
+    portainer_deploy_stack("frontend", stacks, endpoint_id)
    print("Stack deployed!")
--- a/frontend.yaml
+++ b/frontend.yaml
@@ -7,13 +7,14 @@ services:
    ports:
      - "3000:3000"
    volumes:
-      - grafana:/var/lib/grafana
+      - stack_grafana:/var/lib/grafana
    deploy:
      replicas: 1
      restart_policy:
        condition: on-failure
    networks:
-      - i-form_research_server_stack
+      i-form_research_server_stack:
        ipv4_address: "172.252.0.12"
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.go.rule=Path(`/`)"
@@ -31,7 +32,8 @@ services:
      restart_policy:
        condition: on-failure
    networks:
-      - i-form_research_server_stack
+      i-form_research_server_stack:
        ipv4_address: "172.252.0.13"
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.go.rule=Path(`/`)"
@@ -43,9 +45,10 @@ services:
    ports:
      - "8082:8080"
    volumes:
-      - senaite:/data
+      - stack_senaite:/data
    networks:
-      - i-form_research_server_stack
+      i-form_research_server_stack:
        ipv4_address: "172.252.0.14"
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.go.rule=Path(`/`)"
@@ -53,14 +56,10 @@ services:
  # We also need to add a service for the elabftw instance and its database
  elabftw:
    image: elabftw/elabimg:latest
    # tty: true
    # stdin_open: true
    deploy:
      replicas: 1
      restart_policy:
        condition: on-failure
    depends_on:
      - mysql
    cap_drop:
      - ALL
    cap_add:
@@ -74,7 +73,7 @@ services:
      - elabftw_secret_key
    environment:
      SECRET_KEY: /run/secrets/elabftw_secret_key
-      DB_HOST: "localhost"
+      DB_HOST: "172.252.0.7"
      DB_PORT: "3306"
      DB_NAME: "elabftw"
      DB_USER: "elabftw"
@@ -85,22 +84,80 @@ services:
      TZ: "Europe/Paris"
      SERVER_NAME: "I-Form eLabFTW"
      SITE_URL: "127.0.0.1:443" # "elab.i-form.ie"
-      DISABLE_HTTPS: 1
+      # DISABLE_HTTPS: 1
      ENABLE_LETSENCRYPT: 0
    ports:
-      - "3148:443"
+      - "443:443"
      # - "443:443"
    volumes:
-      - elabftw_uploads:/elabftw/uploads
+      - stack_elabftw_uploads:/elabftw/uploads
-      - elabftw_var:/var/elabftw
+      - stack_elabftw_var:/var/elabftw
-      - elabftw_etc:/etc/elabftw
+      - stack_elabftw_etc:/etc/elabftw
      # if you have enabled letsencrypt, uncomment the line below
      # path to the folder with TLS certificate + private key
      # host:container
      #- /etc/letsencrypt:/ssl
    networks:
-      - i-form_research_server_stack
+      i-form_research_server_stack:
        ipv4_address: "172.252.0.15"
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.go.rule=Path(`/`)"
      - "traefik.http.services.go.loadbalancer.server.port=443"
 networks:
  i-form_research_server_stack:
    external: true
 volumes:
  stack_rsync_run:
    external: true
  stack_rsync_log:
    external: true
  stack_rsync_etc:
    external: true
  stack_traefik:
    external: true
  stack_letsencrypt:
    external: true
  stack_coredns:
    external: true
  stack_web:
    external: true
  stack_grafana:
    external: true
  stack_dataverse:
    external: true
  stack_dataverse_db:
    external: true
  stack_dataverse_secrets:
    external: true
  stack_dataverse_solr_data:
    external: true
  stack_dataverse_triggers:
    external: true
  stack_dataverse_solr:
    external: true
  stack_dataverse_minio:
    external: true
  stack_dataverse_config:
    external: true
  stack_dataverse_schema:
    external: true
  stack_dataverse_init:
    external: true
  stack_dataverse_data:
    external: true
  stack_dataverse_docroot:
    external: true
  stack_neo4j:
    external: true
  stack_senaite:
    external: true
  stack_elabftw_uploads:
    external: true
  stack_elabftw_var:
    external: true
  stack_elabftw_etc:
    external: true
  stack_elabftw_sql:
    external: true