diff --git a/.dockerignore b/.dockerignore index 360395f06b..3b43e3825c 100644 --- a/.dockerignore +++ b/.dockerignore @@ -1,6 +1,9 @@ ### IDE files .idea/ +### Composer files +auth.json + ### GIT files .git # Skipped as it makes build very slow and since it is needed by composer when working on dev branches @@ -24,7 +27,7 @@ var/sessions/* !var/logs/.gitkeep !var/sessions/.gitkeep -# Parameters (should be regenerated in contianer) +# Parameters (should be regenerated in container) app/config/parameters.yml # Managed by Composer diff --git a/.env b/.env index a39125907d..f07b2ec3c6 100644 --- a/.env +++ b/.env @@ -16,10 +16,10 @@ MYSQL_IMAGE=healthcheck/mariadb SELENIUM_IMAGE=selenium/standalone-chrome-debug:3.4.0 REDIS_IMAGE=healthcheck/redis -# App image name for use if you intend to push it to docker registry/hub. -APP_PROD_IMAGE=my-ez-app APP_DOCKER_FILE=Dockerfile +DATASET_VARDIR=my-ez-app + # Install config, used by .platform.app.yaml among others INSTALL_EZ_INSTALL_TYPE=studio-clean @@ -27,3 +27,8 @@ INSTALL_EZ_INSTALL_TYPE=studio-clean ## web host refer to the tip of the setup, so varnish if that is used. WEB_HOST=web SELENIUM_HOST=selenium + +# Enable recommendations by setting valid id, key and uri +#RECOMMENDATIONS_CUSTOMER_ID="" +#RECOMMENDATIONS_LICENSE_KEY="" +#PUBLIC_SERVER_URI="" diff --git a/.travis.yml b/.travis.yml index cde6c19e37..fe8b58390f 100644 --- a/.travis.yml +++ b/.travis.yml @@ -16,7 +16,7 @@ env: - SYMFONY_DEBUG=1 # list of behat arguments to test matrix: - - TEST_CMD="bin/behat -vv --profile=rest --suite=fullJson --tags=~@broken" COMPOSE_FILE="doc/docker/base-prod.yml:doc/docker/varnish.yml:doc/docker/selenium.yml" WEB_HOST="varnish" + - TEST_CMD="bin/behat -vv --profile=rest --suite=fullJson --tags=~@broken" COMPOSE_FILE="doc/docker/base-dev.yml:doc/docker/varnish.yml:doc/docker/selenium.yml" WEB_HOST="varnish" - TEST_CMD="bin/behat -vv --profile=rest --suite=fullXml --tags=~@broken" - TEST_CMD="bin/behat -vv --profile=core --tags=~@broken" - TEST_CMD="bin/phpunit -v vendor/ezsystems/ezpublish-kernel/eZ/Bundle/EzPublishRestBundle/Tests/Functional" diff --git a/Dockerfile b/Dockerfile index 7441fa74ec..03773bfc31 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,7 +1,4 @@ -FROM ezsystems/php:7.1-v1 - -# Build argument about keeping auth.json or not (by default on as prod images should'nt get updates via composer update) -ARG REMOVE_AUTH=1 +FROM ezsystems/php:7.1-v1 as builder # This is prod image (for dev use just mount your application as host volume into php image we extend here) ENV SYMFONY_ENV=prod @@ -13,14 +10,30 @@ COPY . /var/www RUN if [ -d .git ]; then echo "ERROR: .dockerignore folders detected, exiting" && exit 1; fi # Install and prepare install -RUN mkdir -p web/var \ - && composer install --optimize-autoloader --no-progress --no-interaction --no-suggest --prefer-dist \ +RUN mkdir -p web/var +# For now, only run composer in order to generate parameters.yml +RUN composer run-script post-install-cmd --no-interaction +RUN composer dump-autoload --optimize + +# Next, remove everything we don't want to be copied to next build stage # Clear cache again so env variables are taken into account on startup - && rm -Rf app/logs/* app/cache/*/* \ +RUN rm -Rf app/logs/* app/cache/*/* +# Looks like we need to keep web/bundles ( like web/bundles/ezstudioui/js/views/ezs-landingpageview.js ) or else +# urls like http://localhost:8080/_ezcombo?/bundles/ezstudioui/js/views/ezs-landingpageview.js&/tpl/handlebars/studiolandingpageconfigview-ez-template.js&/bundles/ezstudioui/js/views/ezs-landingpageconfigview.js&/tpl/handlebars/studiolayoutselectorview-ez-template.js&/bundles/ezstudioui/js/views/ezs-layoutselectorview.js&/tpl/handlebars/studiolandingpageconfigpopupformview-ez-template.js&/bundles/ezstudioui/js/views/forms/ezs-landingpageconfigpopupformview.js&/tpl/handlebars/landingpagecreatorview-ez-template.js&/bundles/ezsystemsformbuilder/js/models/fb-formfield-model.js&/bundles/ezsystemsformbuilder/js/lists/fb-formfields-modellist.js&/bundles/ezsystemsformbuilder/js/models/fb-formpage-model.js&/bundles/ezsystemsformbuilder/js/lists/fb-formpages-modellist.js&/bundles/ezsystemsformbuilder/js/models/fb-form-model.js&/tpl/handlebars/fbbasetabview-ez-template.js&/bundles/ezsystemsformbuilder/js/tabs/fb-base-tabview.js&/tpl/handlebars/fbpanelview-ez-template.js&/bundles/ezsystemsformbuilder/js/panels/fb-panelview.js +# will not work when loading http://localhost:8080/ez +# The other directories (except web/var) can be removed as they will be located in the web (nginx) image +# web/var can be removed as will be mounted via vardir volume +RUN rm -rf web/css web/fonts web/js web/var + + +FROM ezsystems/php:7.1-v1 + +# This is prod image (for dev use just mount your application as host volume into php image we extend here) +ENV SYMFONY_ENV=prod + +COPY --from=builder /var/www /var/www + # Fix permissions for www-data - && chown -R www-data:www-data app/cache app/logs web/var \ - && find app/cache app/logs web/var -type d -print0 | xargs -0 chmod -R 775 \ - && find app/cache app/logs web/var -type f -print0 | xargs -0 chmod -R 664 \ -# Remove composer cache to avoid it taking space in image - && rm -rf ~/.composer/*/* \ - && [ "$REMOVE_AUTH" = "1" ] && rm -f auth.json +RUN chown -R www-data:www-data app/cache app/logs \ + && find app/cache app/logs -type d -print0 | xargs -0 chmod -R 775 \ + && find app/cache app/logs -type f -print0 | xargs -0 chmod -R 664 \ No newline at end of file diff --git a/doc/docker/Dockerfile-dbdump b/doc/docker/Dockerfile-dbdump new file mode 100644 index 0000000000..8c9490207a --- /dev/null +++ b/doc/docker/Dockerfile-dbdump @@ -0,0 +1,9 @@ +FROM busybox + +copy doc/docker/entrypoint/mysql/2_dump.sql /dbdump/ezp.sql + +VOLUME ["/dbdump"] + + +CMD ["/bin/true"] + diff --git a/doc/docker/Dockerfile-distribution b/doc/docker/Dockerfile-distribution new file mode 100644 index 0000000000..a069fb2736 --- /dev/null +++ b/doc/docker/Dockerfile-distribution @@ -0,0 +1,19 @@ +# Note : if you set the environment variable COMPOSE_PROJECT_NAME to a non-default value, you'll need to change the +# image name in here too +FROM docker_app as builder + +RUN composer config extra.symfony-assets-install hard +RUN composer run-script post-install-cmd --no-interaction + +FROM busybox + +COPY --from=builder /var/www /var/www + +WORKDIR /var/www + +# Fix permissions for www-data +RUN chown -R www-data:www-data app/cache app/logs \ + && find app/cache app/logs -type d -print0 | xargs -0 chmod -R 775 \ + && find app/cache app/logs -type f -print0 | xargs -0 chmod -R 664 + +VOLUME ["/var/www"] diff --git a/doc/docker/Dockerfile-vardir b/doc/docker/Dockerfile-vardir new file mode 100644 index 0000000000..aff6c4c423 --- /dev/null +++ b/doc/docker/Dockerfile-vardir @@ -0,0 +1,14 @@ +FROM busybox + +COPY ./web/var /var/www/web/var + +WORKDIR /var/www + +# Fix permissions for www-data +RUN chown -R www-data:www-data web/var \ + && find web/var -type d -print0 | xargs -0 chmod -R 775 \ + && find web/var -type f -print0 | xargs -0 chmod -R 664 + +VOLUME ["/var/www/web/var"] + +CMD ["/bin/true"] diff --git a/doc/docker/Dockerfile-varnish b/doc/docker/Dockerfile-varnish index 7550088076..86fa545d68 100644 --- a/doc/docker/Dockerfile-varnish +++ b/doc/docker/Dockerfile-varnish @@ -6,7 +6,7 @@ ENV VARNISH_MALLOC_SIZE="256M" \ ARG PACKAGECLOUD_URL=https://packagecloud.io/install/repositories/varnishcache/varnish5/script.deb.sh ARG VARNISH_MODULES_VERSION=0.12.1 -# Use offical packages from Varnish and build with varnish-modules mainly for xkey +# Use official packages from Varnish and build with varnish-modules mainly for xkey # see: https://github.com/varnish/varnish-modules/tree/master/docs RUN set -xe \ && buildDeps=" \ @@ -25,9 +25,9 @@ RUN set -xe \ " \ # Update apt and get dependencies && apt-get update -q -y \ - && apt-get install -q -y --no-install-recommends ca-certificates curl \ + && apt-get install -q -y --no-install-recommends ca-certificates curl bc net-tools \ \ - # Get offical Varnish package + # Get official Varnish package && curl -s ${PACKAGECLOUD_URL} | bash \ && apt-get install -q -y --allow-unauthenticated --no-install-recommends varnish $buildDeps \ \ @@ -47,8 +47,8 @@ RUN set -xe \ COPY doc/varnish/vcl/varnish4.vcl /etc/varnish/default.vcl COPY doc/docker/entrypoint/varnish/parameters.vcl /etc/varnish/parameters.vcl +COPY doc/docker/entrypoint/varnish/entrypoint.sh /entrypoint.sh EXPOSE 80 6082 -# CMD in shell form to be able to use env variables here -CMD varnishd -F -a :80 -T :6082 -f /etc/varnish/default.vcl -s malloc,${VARNISH_MALLOC_SIZE} +ENTRYPOINT ["/entrypoint.sh"] diff --git a/doc/docker/README.md b/doc/docker/README.md index 71c80346ea..1759f158b7 100644 --- a/doc/docker/README.md +++ b/doc/docker/README.md @@ -32,6 +32,8 @@ installed on your machine. The current Docker Compose files are made to be mixed and matched together for QA/Support use cases. Currently available: - base-prod.yml _(required, always needs to be first, contains: db, web and app container)_ - base-dev.yml _(alternative to `base-prod.yml`, same applies here if used)_ +- create-dataset.yml _(optional, to be used together with base-prod.yml in order to set up db and vardir)_ +- demo.yml _(optional, to be used together with base-prod.yml in order to set up db and vardir)_ - blackfire.yml _(optional, adds blackfire service and lets you trigger profiling against the setup)_ - redis.yml _(optional, adds redis service and appends config to app)_ - varnish.yml _(optional, adds varnish service and appends config to app)_ @@ -41,7 +43,7 @@ The current Docker Compose files are made to be mixed and matched together for Q These can be used with `-f` argument on docker-compose, like: ```bash -docker-compose -f doc/docker/base-prod.yml -f doc/docker/redis.yml up -d --force-recreate +docker-compose -f doc/docker/base-prod.yml -f doc/docker/create-dataset.yml -f doc/docker/demo.yml -f doc/docker/redis.yml up -d --force-recreate ``` However below environment variable `COMPOSE_FILE` is used instead since this is also what is used to have a default in @@ -50,18 +52,27 @@ However below environment variable `COMPOSE_FILE` is used instead since this is ## Project setup -### Production / Demo "image" use +### Demo "image" use + +Using this approach, everything will run in containers and volumes. This means that if you for instance upload a image +using the eZ Platform backend, that image will land in a volume, not somewhere below web/var/ in your project directory. From root of your projects clone of this distribution, [setup composer auth.json](#composer) and execute the following: ```sh -export COMPOSE_FILE=doc/docker/base-prod.yml +export COMPOSE_FILE=doc/docker/base-prod.yml:doc/docker/create-dataset.yml:doc/docker/demo.yml # Optional step if you'd like to use blackfire with the setup, change and with your own values -#export COMPOSE_FILE=doc/docker/base-prod.yml:doc/docker/blackfire.yml BLACKFIRE_SERVER_ID= BLACKFIRE_SERVER_TOKEN= +#export COMPOSE_FILE=doc/docker/base-prod.yml:doc/docker/create-dataset.yml:doc/docker/demo.yml:doc/docker/blackfire.yml BLACKFIRE_SERVER_ID= BLACKFIRE_SERVER_TOKEN= # First time: Install setup, and generate database dump: docker-compose -f doc/docker/install.yml up --abort-on-container-exit +# Optionally, build dbdump and vardir images. +# The dbdump image is created based on doc/docker/entrypoint/mysql/2_dump.sql which is created by install.yml +# The vardir image is created based on the content of web/var +# If you don't build these image explicitly, they will automaticly be builded later when running `docker-compose up` +docker-compose build dataset-vardir dataset-dbdump + # Boot up full setup: docker-compose up -d --force-recreate ``` @@ -70,6 +81,8 @@ After some 5-10 seconds you should be able to browse the site on `localhost:8080 ### Development "mount" use +Using this approach, your project directory will be bind mounted into the nginx and php containers. So if you change a +php file in for instance src/, that change will kick in automatically. Warning: *Dev setup works a lot faster on Linux then on Windows/Mac where Docker uses virtual machines using shared folders by default under the hood, which leads to much slower IO performance.* @@ -118,6 +131,100 @@ docker-compose exec --user www-data app sh -c "php /scripts/wait_for_db.php; php docker-compose exec --user www-data app app/console ezplatform:install clean ``` +### Production use + +#### Example: Building app with php image + +In this example we'll build a app image which includes both php (php_fpm) and the eZ Platform application and run them +in a swarm cluster using docker stack. + +Prerequisite: +- A running [swarm cluster](https://docs.docker.com/engine/swarm/swarm-tutorial/) ( a one-node cluster is sufficient for running this example ) +- A running NFS server. How to configure a nfs server is distro dependent, but this [ubuntu guide](https://help.ubuntu.com/community/NFSv4Howto) might be of help +- A running [docker registry](https://docs.docker.com/registry/deploying/#managing-with-compose) (Only required if your swarm cluster has more than one node) + +In this example we assume your swarm manager is named `swarmmanager` and that this hostname resolves on all swarm hosts. We also assume that the nfs server and docker registry are running on `swarmmanager`. + +All the commands below should be executed on your `swarmmanager` + +```sh +# If not already done, install setup, and generate database dump : +docker-compose -f doc/docker/install.yml up --abort-on-container-exit + +# Build docker_app and docker_web images ( php and nginx ) +docker-compose -f doc/docker/base-prod.yml build --no-cache app web + +# Build varnish image +docker-compose -f doc/docker/base-prod.yml -f doc/docker/varnish.yml build --no-cache varnish + +# Create dataset images ( my-ez-app-dataset-dbdump and my-ez-app-dataset-vardir ) +# The dataset images contains a dump of the database and a dump of the var/ files ( located in web/var ) +docker-compose -f doc/docker/create-dataset.yml build --no-cache + +# Tag the images +docker tag docker_dataset-dbdump swarmmanager:5000/my-ez-app/dataset-dbdump +docker tag docker_dataset-vardir swarmmanager:5000/my-ez-app/dataset-vardir +docker tag docker_web swarmmanager:5000/my-ez-app/web +docker tag docker_app swarmmanager:5000/my-ez-app/app +docker tag docker_varnish swarmmanager:5000/my-ez-app/varnish + +# Upload the images to the registry ( only needed if your swarm cluster has more than one node) +docker push swarmmanager:5000/my-ez-app/dataset-dbdump +docker push swarmmanager:5000/my-ez-app/dataset-vardir +docker push swarmmanager:5000/my-ez-app/web +docker push swarmmanager:5000/my-ez-app/app +docker push swarmmanager:5000/my-ez-app/varnish + +# In this example we run the database in a separate stack so that you may easily have multiple eZ Platform installations using the same database instance +docker stack deploy --compose-file doc/docker/db-stack.yml stack-db + +# Now, wait a half a minute to ensure that the database is ready to accept incomming requests before continuing + +# Now, load the database dump into the db and the var dir to the nfs server +docker-compose -f doc/docker/import-dataset.yml up + +# Finally, create the eZ Platform stack +docker stack deploy --compose-file doc/docker/my-ez-app-stack.yml my-ez-app-stack + +# Cleanup +# If you want to remove the stacks again: +docker stack rm my-ez-app-stack +sleep 15 +docker stack rm stack-db +sleep 15 +docker volume rm my-ez-app-stack_vardir +docker volume rm stack-db_mysql +``` + +#### Example: Separating app and php + +In this alternative way of running eZ Platform, the eZ Platform code and PHP executables are separated in two different +images. The upside of this is that it gets easier to upgrade PHP ( or any other distro applications ) independently +of eZ Platform; simply just replace the PHP container with an updated one without having to rebuild the eZ Platform +image. The downside of this approach is that all eZ Platform code is copied to a volume so that it can be shared with +other containers. This means bigger disk space footprint and longer loading time of the containers. +It is also more complicated to make this approach work with docker stack so only a docker-compose example is provided. + +Note that if you set the environment variable COMPOSE_PROJECT_NAME to a non-default value, you'll need to change the image name in +doc/docker/Dockerfile-distribution accordingly. + +```sh +export COMPOSE_FILE=doc/docker/base-prod.yml:doc/docker/create-dataset.yml:doc/docker/distribution.yml +# If not already done, install setup, and generate database dump : +docker-compose -f doc/docker/install.yml up --abort-on-container-exit + +# Build docker_app and docker_web images ( php and nginx ) +# The docker_app image (which contain both php and eZ Platform) will be used as base image when creating the image which +# only contains the eZ Platform files. +docker-compose -f doc/docker/base-prod.yml build --no-cache app + +# Optional, only build the images, do not create containers +docker-compose build --no-cache distribution + +# Build the "distribution" and dataset images, then start the containers +docker-compose up -d +``` + ## Further info ### Configuring Composer diff --git a/doc/docker/base-dev.yml b/doc/docker/base-dev.yml index ab156a9a70..721848b917 100644 --- a/doc/docker/base-dev.yml +++ b/doc/docker/base-dev.yml @@ -19,6 +19,9 @@ services: - DATABASE_PASSWORD - DATABASE_NAME - DATABASE_HOST=db + - RECOMMENDATIONS_CUSTOMER_ID + - RECOMMENDATIONS_LICENSE_KEY + - PUBLIC_SERVER_URI networks: - backend @@ -35,7 +38,6 @@ services: - MAX_BODY_SIZE=20 - FASTCGI_PASS=app:9000 - TIMEOUT=190 - - DOCKER0NET command: /bin/bash -c "cd /var/www && cp -a doc/nginx/ez_params.d /etc/nginx && bin/vhost.sh --template-file=doc/nginx/vhost.template > /etc/nginx/conf.d/default.conf && nginx -g 'daemon off;'" networks: - frontend diff --git a/doc/docker/base-prod.yml b/doc/docker/base-prod.yml index f77e77d51e..e6072179af 100644 --- a/doc/docker/base-prod.yml +++ b/doc/docker/base-prod.yml @@ -6,7 +6,6 @@ services: build: context: ../../ dockerfile: ${APP_DOCKER_FILE} - image: ${APP_PROD_IMAGE} depends_on: - db environment: @@ -19,6 +18,9 @@ services: - DATABASE_PASSWORD - DATABASE_NAME - DATABASE_HOST=db + - RECOMMENDATIONS_CUSTOMER_ID + - RECOMMENDATIONS_LICENSE_KEY + - PUBLIC_SERVER_URI networks: - backend @@ -35,7 +37,6 @@ services: - MAX_BODY_SIZE=20 - FASTCGI_PASS=app:9000 - TIMEOUT=190 - - DOCKER0NET networks: - frontend - backend @@ -44,7 +45,7 @@ services: image: ${MYSQL_IMAGE} # TODO: Get rid of by having some sort of migration command executed by app container at startup for inserting/updating data (if needed) instead of db dump, as for charset find another way of setting that. volumes: - - ${COMPOSE_DIR}/entrypoint/mysql:/docker-entrypoint-initdb.d/:ro,cached + - dbdump:/docker-entrypoint-initdb.d/:ro environment: - MYSQL_RANDOM_ROOT_PASSWORD=1 - MYSQL_USER=$DATABASE_USER @@ -54,6 +55,10 @@ services: networks: - backend +volumes: + vardir: + dbdump: + networks: frontend: backend: diff --git a/doc/docker/create-dataset.yml b/doc/docker/create-dataset.yml new file mode 100644 index 0000000000..3526753dcd --- /dev/null +++ b/doc/docker/create-dataset.yml @@ -0,0 +1,13 @@ +version: '3.3' +# Config for creating dataset images. To be appended before demo.yml and to be used for generating datasets for prod + +services: + dataset-dbdump: + build: + context: ../../ + dockerfile: doc/docker/Dockerfile-dbdump + + dataset-vardir: + build: + context: ../../ + dockerfile: doc/docker/Dockerfile-vardir diff --git a/doc/docker/db-stack.yml b/doc/docker/db-stack.yml new file mode 100644 index 0000000000..2f182dc825 --- /dev/null +++ b/doc/docker/db-stack.yml @@ -0,0 +1,27 @@ +version: '3.3' +# Config for running mariadb in a docker stack + +services: + db: + image: mariadb:10.1 + volumes: + - ../../doc/docker/entrypoint/mysql/0_database_character_set.sh:/docker-entrypoint-initdb.d/0_database_character_set.sh:ro + - mysql:/var/lib/mysql + environment: + - MYSQL_RANDOM_ROOT_PASSWORD=1 + - MYSQL_USER=ezp + - MYSQL_PASSWORD=SetYourOwnPassword + - MYSQL_DATABASE=ezp + - TERM=dumb + networks: + - db + deploy: + placement: + constraints: [node.role == manager] + +volumes: + mysql: + +networks: + db: + attachable: true diff --git a/doc/docker/demo.yml b/doc/docker/demo.yml new file mode 100644 index 0000000000..1df8fbe2cc --- /dev/null +++ b/doc/docker/demo.yml @@ -0,0 +1,28 @@ +version: '3.3' +# Demo config, to be appended after base-prod.yml and create-dataset.yml + +services: + app: + volumes: + - vardir:/var/www/web/var + depends_on: + - dataset-vardir + + web: + volumes: + - vardir:/var/www/web/var:ro + + dataset-vardir: + volumes: + - vardir:/var/www/web/var:ro + networks: + - backend + + dataset-dbdump: + volumes: + - dbdump:/dbdump:ro + networks: + - backend + +volumes: + vardir: diff --git a/doc/docker/distribution.yml b/doc/docker/distribution.yml new file mode 100644 index 0000000000..811d494d23 --- /dev/null +++ b/doc/docker/distribution.yml @@ -0,0 +1,96 @@ +version: '3.3' +# Single server setup for prod where we have php executables in one image and a distribution image which contains +# the php code. +# To be appended after base-prod.yml and create-dataset.yml + +services: + distribution: + build: + context: . + dockerfile: Dockerfile-distribution + volumes: + - distribution:/var/www + networks: + - backend + + app: + image: ezsystems/php:7.1-v1 + depends_on: + - db + - distribution + - dataset-vardir + environment: + - SYMFONY_ENV=${SYMFONY_ENV-prod} + - SYMFONY_DEBUG + - SYMFONY_HTTP_CACHE + - SYMFONY_HTTP_CACHE_CLASS + - SYMFONY_TRUSTED_PROXIES + - DATABASE_USER + - DATABASE_PASSWORD + - DATABASE_NAME + - DATABASE_HOST=db + - RECOMMENDATIONS_CUSTOMER_ID + - RECOMMENDATIONS_LICENSE_KEY + - PUBLIC_SERVER_URI + networks: + - backend + volumes: + - distribution:/var/www + - vardir:/var/www/web/var + + web: + image: nginx:stable + depends_on: + - distribution + - app + ports: + - "8080:80" + environment: + - SYMFONY_ENV=${SYMFONY_ENV-prod} + - MAX_BODY_SIZE=20 + - FASTCGI_PASS=app:9000 + - TIMEOUT=190 + volumes: + - distribution:/var/www:ro + networks: + - frontend + - backend + command: > + /bin/sh -c " + if [ -e /etc/nginx/ez_params.d ]; then rm /etc/nginx/ez_params.d; fi; + cp -a /var/www/doc/nginx/ez_params.d /etc/nginx/ez_params.d; + cd /var/www && bin/vhost.sh --template-file=doc/nginx/vhost.template > /etc/nginx/conf.d/default.conf && nginx -g 'daemon off;'" + + dataset-vardir: + volumes: + - vardir:/var/www/web/var:ro + networks: + - backend + + dataset-dbdump: + volumes: + - dbdump:/dbdump:ro + networks: + - backend + + db: + image: ${MYSQL_IMAGE} + volumes: + - dbdump:/docker-entrypoint-initdb.d/:ro + environment: + - MYSQL_RANDOM_ROOT_PASSWORD=1 + - MYSQL_USER=$DATABASE_USER + - MYSQL_PASSWORD=$DATABASE_PASSWORD + - MYSQL_DATABASE=$DATABASE_NAME + - TERM=dumb + networks: + - backend + +networks: + frontend: + backend: + +volumes: + vardir: + dbdump: + distribution: diff --git a/doc/docker/entrypoint/varnish/entrypoint.sh b/doc/docker/entrypoint/varnish/entrypoint.sh new file mode 100755 index 0000000000..8b53cd2cd9 --- /dev/null +++ b/doc/docker/entrypoint/varnish/entrypoint.sh @@ -0,0 +1,74 @@ +#!/bin/bash + +# Script takes the following parameters: +# [--acl-all-networks] - Add all container's network in the PURGE ACL. +# [--acl-add ...] - Add a host or network segment to the PURGE ACL + +function create_template_file +{ + if [ -f /etc/varnish/parameters.vcl.template ]; then + cp /etc/varnish/parameters.vcl.template /etc/varnish/parameters.vcl + else + cp /etc/varnish/parameters.vcl /etc/varnish/parameters.vcl.template + fi +} + +function get_net_segments +{ + for IP_ADDR in `hostname -I`; do + IFS=. read -r io1 io2 io3 io4 <<< "$IP_ADDR" + IFS=. read -r mo1 mo2 mo3 mo4 mo5 < <(ifconfig -a | sed -n "/inet $IP_ADDR /{ s/.*netmask \(.*\) broadcast.*/\1/;p; }") + if [ "$mo1" == "" ]; then + continue; + fi + mb1=$(echo "obase=2;$mo1"|bc) + mb2=$(echo "obase=2;$mo2"|bc) + mb3=$(echo "obase=2;$mo3"|bc) + mb4=$(echo "obase=2;$mo4"|bc) + + NETMASK=`echo $mb1 $mb2 $mb3 $mb4|tr -cd '1' | wc -c` + NET_ADDR="$((io1 & mo1)).$(($io2 & mo2)).$((io3 & mo3)).$((io4 & mo4))" + + echo $NET_ADDR/$NETMASK + done +} + +# $1 is segment, format 1.2.3.4/24 or myhostname +function add_segment +{ + # convert format 1.2.3.4/24 --> "1.2.3.4"/24; + segment=`echo $1 | sed "s|\(.*\)/\(.*\)|\"\1\"/\2;|"` + + # convert format myhost --> "myhost"; ( any string not containing slash ) + segment=`echo $segment | sed -E "s|^([^/]+)\$|\"\1\";|"` + + echo "Adding network segment to varnish ACL : $segment" + sed -i -s "s|\(.*ACL_INVALIDATOR.*\)| $segment\n\1|" /etc/varnish/parameters.vcl +} + +create_template_file + +while (( "$#" )); do + if [ "$1" = "--acl-all-networks" ]; then + segments=`get_net_segments` + + for segment in `echo $segments`; do + add_segment $segment + done + elif [ "$1" = "--acl-add" ]; then + shift + new_network="$1" + + if [ "$new_network" = "" ]; then + echo "Warning : --acl-add parameter needs to be followed by a network segment, for instance \"--acl-add 10.0.1.0/24\"" + else + add_segment $new_network + fi + else + echo "Warning : Unrecognized parameter $1" + fi + + shift +done + +varnishd -F -a :80 -T :6082 -f /etc/varnish/default.vcl -s malloc,${VARNISH_MALLOC_SIZE} diff --git a/doc/docker/entrypoint/varnish/parameters.vcl b/doc/docker/entrypoint/varnish/parameters.vcl index 14f4111c8b..c3f40c97e4 100644 --- a/doc/docker/entrypoint/varnish/parameters.vcl +++ b/doc/docker/entrypoint/varnish/parameters.vcl @@ -8,8 +8,7 @@ backend ezplatform { // ACL for invalidators IP acl invalidators { "127.0.0.1"; - "172.16.0.0"/20; - "app"; +// ACL_INVALIDATOR } // ACL for debuggers IP diff --git a/doc/docker/import-dataset.yml b/doc/docker/import-dataset.yml new file mode 100644 index 0000000000..f3df06ae6d --- /dev/null +++ b/doc/docker/import-dataset.yml @@ -0,0 +1,65 @@ +version: '3.3' +# Config for importing dataset images into db and nfs server +# Depends on separate stack for db; db-stack.yml + +services: + databasedump: + image: swarmmanager:5000/my-ez-app/dataset-dbdump + volumes: + - type: volume + source: dbdump + target: /dbdump + volume: + nocopy: false + + import-db: + # Using dev for now, because we need mysql client + image: ${PHP_IMAGE_DEV} + environment: + - DATABASE_USER + - DATABASE_PASSWORD + - DATABASE_NAME + - TERM=dumb + networks: + - stack-db_db + volumes: + - type: volume + source: dbdump + target: /dbdump + volume: + nocopy: true + depends_on: + - databasedump + command: > + /bin/bash -c " + time mysql -u $${DATABASE_USER} -p$${DATABASE_PASSWORD} $${DATABASE_NAME} -h db< /dbdump/ezp.sql" + + import-vardir: + image: swarmmanager:5000/my-ez-app/dataset-vardir + volumes: + - vardir:/nfs/vardirs + environment: + - DATASET_VARDIR + command: > + /bin/sh -c " + if [ ! -e /nfs/vardirs/$${DATASET_VARDIR} ]; then + echo Copying files from /var/www/web/var to /nfs/vardirs/$${DATASET_VARDIR}; + mkdir /nfs/vardirs/$${DATASET_VARDIR} && \ + time cp -a /var/www/web/var/ /nfs/vardirs/$${DATASET_VARDIR}; + else + echo Aborted, /nfs/vardirs/$${DATASET_VARDIR} already exists; + exit 2; + fi" + +networks: + stack-db_db: + external: true + +volumes: + dbdump: + vardir: + driver: local + driver_opts: + type: nfs + o: addr=swarmmanager,rw,vers=4.0 + device: ":/vardirs" \ No newline at end of file diff --git a/doc/docker/install.yml b/doc/docker/install.yml index c7b953d6df..97d74b5f91 100644 --- a/doc/docker/install.yml +++ b/doc/docker/install.yml @@ -1,5 +1,5 @@ version: '3.3' -# compose file for installing composer packages, perfrom install and dump database +# compose file for installing composer packages, perform install and dump database services: install_db: diff --git a/doc/docker/my-ez-app-stack.yml b/doc/docker/my-ez-app-stack.yml new file mode 100644 index 0000000000..ef3acb851b --- /dev/null +++ b/doc/docker/my-ez-app-stack.yml @@ -0,0 +1,80 @@ +version: '3.3' +# Config for running eZ Platform using docker stack +# Depends on separate stack for db; db-stack.yml + +services: + web: + image: swarmmanager:5000/my-ez-app/web + ports: + - "8081:80" + environment: + - SYMFONY_ENV + - MAX_BODY_SIZE=20 + - FASTCGI_PASS=app:9000 + - TIMEOUT=190 + volumes: + - vardir:/var/www/web/var + networks: + - my-ez-app + deploy: + replicas: 2 + + app: + image: swarmmanager:5000/my-ez-app/app + environment: + - SYMFONY_ENV=prod + - SYMFONY_DEBUG + - SYMFONY_HTTP_CACHE + - SYMFONY_HTTP_CACHE_CLASS + - SYMFONY_TRUSTED_PROXIES + - DATABASE_USER=ezp + - DATABASE_PASSWORD=SetYourOwnPassword + - DATABASE_NAME=ezp + - DATABASE_HOST=db + - CUSTOM_CACHE_POOL=singleredis + - CACHE_HOST=redis + - SYMFONY_HTTP_CACHE=0 + - SYMFONY_TRUSTED_PROXIES=varnish + - HTTPCACHE_PURGE_SERVER=http://varnish + - PHP_INI_ENV_session.save_handler=redis + - PHP_INI_ENV_session.save_path="tcp://redis:6379?weight=1" + - RECOMMENDATIONS_CUSTOMER_ID + - RECOMMENDATIONS_LICENSE_KEY + - PUBLIC_SERVER_URI + volumes: + - vardir:/var/www/web/var + networks: + - stack-db_db + - my-ez-app + deploy: + replicas: 5 + + redis: + image: healthcheck/redis + networks: + - my-ez-app + + varnish: + image: swarmmanager:5000/my-ez-app/varnish + ports: + - "8080:80" + depends_on: + - web + networks: + - my-ez-app + volumes: + - /var/www/vidarl-ezplatform-ee-demo/vscripts:/vscripts + command: --acl-all-networks + +networks: + stack-db_db: + external: true + my-ez-app: + +volumes: + vardir: + driver: local + driver_opts: + type: nfs + o: addr=swarmmanager,rw,vers=4.0 + device: ":/vardirs/my-ez-app/var" diff --git a/doc/docker/varnish.yml b/doc/docker/varnish.yml index 2b4d7f1647..e27c37102d 100644 --- a/doc/docker/varnish.yml +++ b/doc/docker/varnish.yml @@ -16,7 +16,6 @@ services: build: context: ../../ dockerfile: doc/docker/Dockerfile-varnish - image: my_varnish ports: - "8081:80" environment: @@ -27,6 +26,7 @@ services: networks: - frontend - backend + command: ["--acl-add", "app"] ## DEBUG?? # In need of debugging all request going to Varnish, use varnishlog, example: