From 02e045974b6b0fd0bf59cf709bdd2c5dae955e62 Mon Sep 17 00:00:00 2001 From: Riku Rouvila Date: Wed, 18 Sep 2024 14:40:28 +0300 Subject: [PATCH] try different approach for networking so dependencies wouldnt have to be restarted --- infrastructure/deployment/deploy.sh | 12 +----- infrastructure/docker-compose.app.yml | 56 +++++++++++++-------------- 2 files changed, 29 insertions(+), 39 deletions(-) diff --git a/infrastructure/deployment/deploy.sh b/infrastructure/deployment/deploy.sh index 37fba077..93053641 100755 --- a/infrastructure/deployment/deploy.sh +++ b/infrastructure/deployment/deploy.sh @@ -302,22 +302,13 @@ docker_stack_deploy() { EXISTING_STACKS=$(configured_ssh 'docker stack ls --format "{{ .Name }}" | grep -v "dependencies" | paste -sd "," -') - configured_rsync -rlD $SSH_USER@$SSH_HOST:/opt/opencrvs/infrastructure/docker-compose.dependencies.yml ./infrastructure/docker-compose.dependencies.yml - - REFRESH_DEPENDENCY_NETWORKS=false - if echo $EXISTING_STACKS | grep -w $STACK > /dev/null; then echo "Stack $STACK exists" - npx tsx infrastructure/deployment/add-networks.ts infrastructure/docker-compose.dependencies.yml "$EXISTING_STACKS" > ./docker-compose.dependencies.yml else echo "Stack $STACK doesnt exist. Creating" - REFRESH_DEPENDENCY_NETWORKS=true - npx tsx infrastructure/deployment/add-networks.ts infrastructure/docker-compose.dependencies.yml "$EXISTING_STACKS,$STACK" > ./docker-compose.dependencies.yml fi - configured_rsync -rlD ./docker-compose.dependencies.yml $SSH_USER@$SSH_HOST:/opt/opencrvs/infrastructure/docker-compose.dependencies.yml - - if [ "$REFRESH_DEPENDENCY_NETWORKS" = true ] || [ "$UPDATE_DEPENDENCIES" = true ]; then + if [ "$UPDATE_DEPENDENCIES" = true ]; then echo "Updating dependency stack" configured_ssh 'cd /opt/opencrvs && \ docker stack deploy --prune -c '$(split_and_join " " " -c " "$(to_remote_paths $DEPENDENCY_COMPOSE_FILES)")' --with-registry-auth dependencies' @@ -326,7 +317,6 @@ docker_stack_deploy() { configured_ssh 'cd /opt/opencrvs && \ docker stack deploy --prune -c '$(split_and_join " " " -c " "$(to_remote_paths $APPLICATION_COMPOSE_FILES)")' --with-registry-auth '$STACK - } validate_options diff --git a/infrastructure/docker-compose.app.yml b/infrastructure/docker-compose.app.yml index 8d807c87..f0bac26f 100644 --- a/infrastructure/docker-compose.app.yml +++ b/infrastructure/docker-compose.app.yml @@ -20,7 +20,7 @@ services: target: /src/hearth/config/queryparam-extensions.json networks: - {{STACK}}_app_net - - dependencies_{{STACK}}_dependencies_net + - dependencies_internal_net logging: driver: gelf options: @@ -47,7 +47,7 @@ services: - 'traefik.enable=false' networks: - {{STACK}}_app_net - - dependencies_{{STACK}}_dependencies_net + - dependencies_internal_net logging: driver: gelf options: @@ -70,7 +70,7 @@ services: - 'traefik.http.routers.${STACK}__countryconfig.tls.domains[0].sans=*.${STACK}.{{hostname}}' - 'traefik.http.routers.${STACK}__countryconfig.entrypoints=web,websecure' - 'traefik.http.routers.${STACK}__countryconfig.middlewares=gzip-compression' - - 'traefik.docker.network=dependencies_{{STACK}}_dependencies_net' + - 'traefik.docker.network=dependencies_internal_net - 'traefik.http.middlewares.${STACK}__countryconfig.headers.customresponseheaders.Pragma=no-cache' - 'traefik.http.middlewares.${STACK}__countryconfig.headers.customresponseheaders.Cache-control=no-store' - 'traefik.http.middlewares.${STACK}__countryconfig.headers.customresponseheaders.X-Robots-Tag=none' @@ -118,7 +118,7 @@ services: - DOMAIN=${STACK}.{{hostname}} networks: - {{STACK}}_app_net - - dependencies_{{STACK}}_dependencies_net + - dependencies_internal_net logging: driver: gelf options: @@ -143,7 +143,7 @@ services: - 'traefik.http.routers.${STACK}__login.tls.domains[0].sans=*.${STACK}.{{hostname}}' - 'traefik.http.routers.${STACK}__login.entrypoints=web,websecure' - 'traefik.http.routers.${STACK}__login.middlewares=gzip-compression' - - 'traefik.docker.network=dependencies_{{STACK}}_dependencies_net' + - 'traefik.docker.network=dependencies_internal_net - 'traefik.http.middlewares.${STACK}__login.headers.customresponseheaders.Pragma=no-cache' - 'traefik.http.middlewares.${STACK}__login.headers.customresponseheaders.Cache-control=no-store' - 'traefik.http.middlewares.${STACK}__login.headers.customresponseheaders.X-Robots-Tag=none' @@ -153,7 +153,7 @@ services: replicas: 1 networks: - {{STACK}}_app_net - - dependencies_{{STACK}}_dependencies_net + - dependencies_internal_net logging: driver: gelf options: @@ -180,7 +180,7 @@ services: - 'traefik.http.routers.${STACK}__client.tls.domains[0].main=${STACK}.{{hostname}}' - 'traefik.http.routers.${STACK}__client.tls.domains[0].sans=*.${STACK}.{{hostname}}' - 'traefik.http.routers.${STACK}__client.entrypoints=web,websecure' - - 'traefik.docker.network=dependencies_{{STACK}}_dependencies_net' + - 'traefik.docker.network=dependencies_internal_net - 'traefik.http.middlewares.${STACK}__test-replacepathregex.redirectregex.permanent=true' - 'traefik.http.middlewares.${STACK}__test-replacepathregex.redirectregex.regex=^https?://${STACK}.{{hostname}}/(.*)' @@ -194,7 +194,7 @@ services: replicas: 1 networks: - {{STACK}}_app_net - - dependencies_{{STACK}}_dependencies_net + - dependencies_internal_net logging: driver: gelf options: @@ -244,7 +244,7 @@ services: - 'traefik.http.routers.${STACK}__gateway.tls.domains[0].sans=*.${STACK}.{{hostname}}' - 'traefik.http.routers.${STACK}__gateway.entrypoints=web,websecure' - 'traefik.http.routers.${STACK}__gateway.middlewares=gzip-compression' - - 'traefik.docker.network=dependencies_{{STACK}}_dependencies_net' + - 'traefik.docker.network=dependencies_internal_net - 'traefik.http.middlewares.${STACK}__gateway.headers.customresponseheaders.Pragma=no-cache' - 'traefik.http.middlewares.${STACK}__gateway.headers.customresponseheaders.Cache-control=no-store' - 'traefik.http.middlewares.${STACK}__gateway.headers.customresponseheaders.X-Robots-Tag=none' @@ -254,7 +254,7 @@ services: replicas: 1 networks: - {{STACK}}_app_net - - dependencies_{{STACK}}_dependencies_net + - dependencies_internal_net logging: driver: gelf options: @@ -289,7 +289,7 @@ services: replicas: 1 networks: - {{STACK}}_app_net - - dependencies_{{STACK}}_dependencies_net + - dependencies_internal_net logging: driver: gelf options: @@ -319,7 +319,7 @@ services: replicas: 1 networks: - {{STACK}}_app_net - - dependencies_{{STACK}}_dependencies_net + - dependencies_internal_net logging: driver: gelf options: @@ -343,7 +343,7 @@ services: - '/opt/opencrvs/infrastructure/elasticsearch:/usr/app' networks: - {{STACK}}_app_net - - dependencies_{{STACK}}_dependencies_net + - dependencies_internal_net deploy: labels: - 'traefik.enable=false' @@ -391,7 +391,7 @@ services: replicas: 1 networks: - {{STACK}}_app_net - - dependencies_{{STACK}}_dependencies_net + - dependencies_internal_net logging: driver: gelf options: @@ -431,7 +431,7 @@ services: - 'traefik.http.routers.${STACK}__auth.tls.domains[0].main=${STACK}.{{hostname}}' - 'traefik.http.routers.${STACK}__auth.tls.domains[0].sans=*.${STACK}.{{hostname}}' - 'traefik.http.routers.${STACK}__auth.entrypoints=web,websecure' - - 'traefik.docker.network=dependencies_{{STACK}}_dependencies_net' + - 'traefik.docker.network=dependencies_internal_net - 'traefik.http.middlewares.${STACK}__auth.headers.customresponseheaders.Pragma=no-cache' - 'traefik.http.middlewares.${STACK}__auth.headers.customresponseheaders.Cache-control=no-store' - 'traefik.http.middlewares.${STACK}__auth.headers.customresponseheaders.X-Robots-Tag=none' @@ -441,7 +441,7 @@ services: replicas: 1 networks: - {{STACK}}_app_net - - dependencies_{{STACK}}_dependencies_net + - dependencies_internal_net logging: driver: gelf options: @@ -472,7 +472,7 @@ services: replicas: 1 networks: - {{STACK}}_app_net - - dependencies_{{STACK}}_dependencies_net + - dependencies_internal_net logging: driver: gelf options: @@ -506,7 +506,7 @@ services: - 'traefik.http.routers.${STACK}__webhooks.tls.domains[0].main=${STACK}.{{hostname}}' - 'traefik.http.routers.${STACK}__webhooks.tls.domains[0].sans=*.${STACK}.{{hostname}}' - 'traefik.http.routers.${STACK}__webhooks.entrypoints=web,websecure' - - 'traefik.docker.network=dependencies_{{STACK}}_dependencies_net' + - 'traefik.docker.network=dependencies_internal_net - 'traefik.http.middlewares.${STACK}__webhooks.headers.customresponseheaders.Pragma=no-cache' - 'traefik.http.middlewares.${STACK}__webhooks.headers.customresponseheaders.Cache-control=no-store' - 'traefik.http.middlewares.${STACK}__webhooks.headers.customresponseheaders.X-Robots-Tag=none' @@ -516,7 +516,7 @@ services: replicas: 1 networks: - {{STACK}}_app_net - - dependencies_{{STACK}}_dependencies_net + - dependencies_internal_net logging: driver: gelf options: @@ -557,7 +557,7 @@ services: - 'traefik.http.routers.${STACK}__config.tls.domains[0].main=${STACK}.{{hostname}}' - 'traefik.http.routers.${STACK}__config.tls.domains[0].sans=*.${STACK}.{{hostname}}' - 'traefik.http.routers.${STACK}__config.entrypoints=web,websecure' - - 'traefik.docker.network=dependencies_{{STACK}}_dependencies_net' + - 'traefik.docker.network=dependencies_internal_net - 'traefik.http.middlewares.${STACK}__config.headers.customresponseheaders.Pragma=no-cache' - 'traefik.http.middlewares.${STACK}__config.headers.customresponseheaders.Cache-control=no-store' - 'traefik.http.middlewares.${STACK}__config.headers.customresponseheaders.X-Robots-Tag=none' @@ -570,7 +570,7 @@ services: replicas: 1 networks: - {{STACK}}_app_net - - dependencies_{{STACK}}_dependencies_net + - dependencies_internal_net logging: driver: gelf options: @@ -600,7 +600,7 @@ services: - COUNTRY_CONFIG_URL=http://countryconfig.{{STACK}}_{{STACK}}_app_net:3040 networks: - {{STACK}}_app_net - - dependencies_{{STACK}}_dependencies_net + - dependencies_internal_net logging: driver: gelf options: @@ -619,7 +619,7 @@ services: - 'traefik.enable=false' networks: - {{STACK}}_app_net - - dependencies_{{STACK}}_dependencies_net + - dependencies_internal_net logging: driver: gelf options: @@ -659,7 +659,7 @@ services: condition: on-failure networks: - {{STACK}}_app_net - - dependencies_{{STACK}}_dependencies_net + - dependencies_internal_net logging: driver: gelf options: @@ -694,7 +694,7 @@ services: - NOTIFICATION_MONGODB_PASSWORD=${NOTIFICATION_MONGODB_PASSWORD} networks: - {{STACK}}_app_net - - dependencies_{{STACK}}_dependencies_net + - dependencies_internal_net logging: driver: gelf options: @@ -709,7 +709,7 @@ services: - /opt/opencrvs/infrastructure/metabase/metabase.init.db.sql:/metabase.init.db.sql networks: - {{STACK}}_app_net - - dependencies_{{STACK}}_dependencies_net + - dependencies_internal_net environment: - QA_ENV=true - HOST=0.0.0.0 @@ -737,7 +737,7 @@ services: - 'traefik.http.routers.${STACK}__metabase.tls.domains[0].main=${STACK}.{{hostname}}' - 'traefik.http.routers.${STACK}__metabase.tls.domains[0].sans=*.${STACK}.{{hostname}}' - 'traefik.http.routers.${STACK}__metabase.entrypoints=web,websecure' - - 'traefik.docker.network=dependencies_{{STACK}}_dependencies_net' + - 'traefik.docker.network=dependencies_internal_net - 'traefik.http.middlewares.${STACK}__metabase.headers.customresponseheaders.Pragma=no-cache' - 'traefik.http.middlewares.${STACK}__metabase.headers.customresponseheaders.Cache-control=no-store' - 'traefik.http.middlewares.${STACK}__metabase.headers.customresponseheaders.X-Robots-Tag=none' @@ -761,7 +761,7 @@ configs: mongo-on-deploy.{{ts}}: file: /opt/opencrvs/infrastructure/mongodb/on-deploy.sh networks: - dependencies_{{STACK}}_dependencies_net: + dependencies_internal_net: external: true {{STACK}}_app_net: driver: overlay