Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support 'opensearch' as local host variation #308

Merged
merged 1 commit into from
Jan 23, 2024
Merged

Support 'opensearch' as local host variation #308

merged 1 commit into from
Jan 23, 2024

Conversation

ghukill
Copy link
Contributor

@ghukill ghukill commented Jan 23, 2024
edited
Loading

What does this PR do?

This PR allows setting TIMDEX_OPENSEARCH_ENDPOINT="opensearch" while still triggering the local connection code path, setting up a connection to Opensearch without SSL, no authentication, looking for the running Opensearch instance on host/port opensearch:9200.

As long as a container running Opensearch and this TIM container share a docker network (e.g. timdex-index-manager_opensearch-local-net which the new docker compose file sets), this TIM project can reach Opensearch by using the connection host opensearch:9200.

Helpful background context

Previously, only the string localhost (or omitting setting TIMDEX_OPENSEARCH_ENDPOINT) would trigger the code path to setup an Opensearch connection to a locally running instance. This proved problematic when attempting to have a docker container (e.g. this TIM application) connect to another docker container (e.g. an Opensearch instance) because localhost was pointing at the calling TIM container and could not see the other. Setting network_mode="host" did not work either, as the TIM container still could not reach the other docker container running Opensearch.

How can a reviewer manually see the effects of these changes?

1- Build a local docker container for TIM:

make dist-dev

2- Run Opensearch locally,:

docker compose up

Note that this creates a docker network called timdex-index-manager_opensearch-local-net based on the directory name + network name set in the compose file:

[+] Running 4/4
 ✔ Network timdex-index-manager_opensearch-local-net    Created  <--------------------------
 ✔ Volume "timdex-index-manager_opensearch-local-data"  Created
 ✔ Container timdex-index-manager-opensearch-1          Created
 ✔ Container timdex-index-manager-dashboard-1           Created

3- Invoke TIM via a docker container, setting the env var TIMDEX_OPENSEARCH_ENDPOINT="opensearch" and docker network name, and confirm that it makes a successful request to a locally running Opensearch instance by way of the opensearch host:

docker run \
-e "TIMDEX_OPENSEARCH_ENDPOINT=opensearch" \
--network "timdex-index-manager_opensearch-local-net" \
timdex-index-manager-dev:latest \
ping

Expected output:

2024-01-23 15:08:58,251 INFO tim.cli.main(): Logger 'root' configured with level=INFO
2024-01-23 15:08:58,252 INFO tim.cli.main(): No Sentry DSN found, exceptions will not be sent to Sentry
2024-01-23 15:08:58,252 INFO tim.opensearch.configure_opensearch_client(): OpenSearch request configurations: {'OPENSEARCH_BULK_MAX_CHUNK_BYTES': 104857600, 'OPENSEARCH_BULK_MAX_RETRIES': 50, 'OPENSEARCH_REQUEST_TIMEOUT': 120}
2024-01-23 15:08:58,253 INFO tim.cli.main(): OpenSearch client configured for endpoint 'opensearch'

Name: docker-cluster
UUID: J3QlOm1iQLGI33ziudU0nQ
OpenSearch version: 2.11.1
Lucene version: 9.7.0

2024-01-23 15:08:58,287 INFO tim.cli.log_process_time(): Total time to complete process: 0:00:00.035351

Includes new or updated dependencies?

NO

What are the relevant tickets?

None

Developer

  • All new ENV is documented in README (or there is none)
  • Stakeholder approval has been confirmed (or is not needed)

Code Reviewer

  • The commit message is clear and follows our guidelines (not just this pull request message)
  • There are appropriate tests covering any new functionality
  • The documentation has been updated or is unnecessary
  • The changes have been verified
  • New dependencies are appropriate or there were no changes

@ghukill
Support 'opensearch' as local host variation
d6fcce5 
Why these changes are being introduced:
Previously, only the string 'localhost' would trigger the code path to setup an Opensearch connection
to a locally running instance.  This proved problematic when attempting to have a docker container (e.g.
this TIM project) connect to another docker container (e.g. an Opensearch instance) because 'localhost'
was pointing at the calling TIM container and could not see the other.

By allowing the string 'opensearch' to also trigger the code path for a local connection, setting
the host to 'opensearch', this allows using docker networks and/or container names where one container
can make requests to opensearch on the host 'opensearch'.

How this addresses that need:
* both 'localhost' and 'opensearch' trigger a non SSL, non authenticated opensearch connection
* this TIM project running as a container can access an Opensearch client on the 'opensearch' host

Side effects of this change:
* None; the simple string 'opensearch' would not resolve to an actual, AWS deployed Opensearch instance

Relevant ticket(s):
* None
@ghukill ghukill requested review from JPrevost and ehanson8 January 23, 2024 15:13
JPrevost
JPrevost approved these changes Jan 23, 2024
View reviewed changes
Copy link
Member

@JPrevost JPrevost left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice.

Slight adjustment to the instructions in case anyone comes back to see this later.

docker run -e "TIMDEX_OPENSEARCH_ENDPOINT=opensearch" --network "timdex-index-manager_opensearch-local-net" timdex-index-manager-dev:latest ping

is the command, not tim ping because of our dockerfile.

A future idea to consider would be to add tim to the composer file and then spin up bash in the tim container to work fully containerized with only one compose command. This works great as-is though so that isn't blocking by any means.

@ghukill
Copy link
Contributor Author

ghukill commented Jan 23, 2024
edited
Loading

Nice.

Slight adjustment to the instructions in case anyone comes back to see this later.

docker run -e "TIMDEX_OPENSEARCH_ENDPOINT=opensearch" --network "timdex-index-manager_opensearch-local-net" timdex-index-manager-dev:latest ping

is the command, not tim ping because of our dockerfile.

A future idea to consider would be to add tim to the composer file and then spin up bash in the tim container to work fully containerized with only one compose command. This works great as-is though so that isn't blocking by any means.

Ah, I see what you're saying about a single compose file. Agreed. My context was a bit different where I'm running the GeoHarvester, Transmog, and TIM all as containers, and therefore needed to be able to call TIM in a "normal", new container, single command kind of way. But for dev work specifically on TIM, totally agreed that a single compose file that pulls them all in would be great.

And thanks for the command fix! Updated in the PR.

@ghukill ghukill merged commit 47f230a into main Jan 23, 2024
3 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ehanson8 ehanson8 ehanson8 approved these changes

@JPrevost JPrevost JPrevost approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@ghukill @JPrevost @ehanson8