Skip to content
No description, website, or topics provided.
HTML JavaScript Shell Makefile
Branch: master
Clone or download
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
app
deploy
nginx
test
.dockerignore
.gitignore
Dockerfile
Jenkinsfile
Makefile
README.md
install-nginx.sh
mra-photouploader.iml

README.md

NGINX Microservices Reference Architecture: PhotoUploader Service

This repository contains a Node application which is used to upload images to the NGINX Ingenious website. The Ingenious application has been developed by the NGINX Professional Services team to provide a reference architecture for building your own microservices based application using NGINX as the service mesh.

The default configuration for all the components of the MRA, including the Photo Uploader service, is to use the Fabric Model Architecture. Instructions for using the Router Mesh or Proxy Model architectures will be made available in the future.

Quick start

As a single service in the set of services which comprise the NGINX Microservices Reference Architecture application, Ingenious, the Photo Uploader service is not meant to function as a standalone service. Once you have built the image, it can be deployed to a container engine along with the other components of the Ingenious application, and then the application will be accessible via your browser.

There are detailed instructions for building the service below, and in order to get started quickly, you can follow these simple instructions to quickly build the image.

  1. (Optional) If you don't already have an NGINX Plus license, you can request a temporary developer license here. If you do have a license, then skip to the next step.
  2. Copy your licenses to the /mra-photouploader/nginx/ssl directory
  3. Run the command docker build . -t <your-image-repo-name>/uploader:quickstart where is the username for where you store your Docker images
  4. Once the image has been built, push it to your image repository with the command docker push -t <your-image-repo-name>/uploader:quickstart

At this point, you will have an image that is suitable for deployment on to a Kubernetes installation, and you can deploy the image by creating YAML files and uploading them to your Kubernetes installation.

To build a customized image for different container engines or to set other options, please follow the directions below.

Building a Customized Docker Image

The Dockerfile for the Photo Uploader service is based on the node:4 image, and installs NGINX open source or NGINX Plus. Note that NGINX Plus includes features which make discovery of other services possible, include additional load balancing algorithms, create persistent SSL/TLS connections, and provide advanced health check functionality.

Please refer to the comments in the Dockerfile for details about each command which is used to build the image.

The command, or entrypoint, for the Dockerfile is the start.sh script. This script sets some local variables, then runs pm2 to execute the logic in the app.js file. It also starts NGINX to send requests to the port opened by Node.

1. Build options

The Dockerfile sets some ENV arguments which are used when the image is built:

  • USE_NGINX_PLUS
    The default value is true. When this value is set to false, NGINX open source will be built in to the image and several features, including service discovery and advanced load balancing will be disabled. See installing nginx plus

  • USE_VAULT
    The default value is false. Setting this value to true will cause install-nginx.sh to look for a file named vault_env.sh which contains the VAULT_ADDR and VAULT_TOKEN environment variables to retrieve NGINX Plus keys from a vault server.

    #!/bin/bash
    export VAULT_ADDR=<your-vault-address>
    export VAULT_TOKEN=<your-vault-token>
    

    You must be certain to include the vault_env.sh file when USE_VAULT is true. There is an entry in the .gitignore file for vault_env.sh

    In the future, we will release an article on our blog describing how to use vault with NGINX.

  • CONTAINER_ENGINE
    The container engine used to run the images in a container. CONTAINER_ENGINE can be one of the following values

2. Decide whether to use NGINX Open Source or NGINX Plus

Installing NGINX Open Source

Set the USE_NGINX_PLUS property to false in the Dockerfile

Installing NGINX Plus

Before installing NGINX Plus, you'll need to obtain your license keys. If you do not already have a valid NGINX Plus subscription, you can request developer licenses here

Set the USE_NGINX_PLUS property to true in the Dockerfile

By default USE_VAULT is set to false, and you must manually copy your nginx-repo.crt and nginx-repo.key files to the /mra-photouploader/nginx/ssl/ directory.

Download the nginx-repo.crt and nginx-repo.key files for your NGINX Plus Developer License or subscription, and move them to the root directory of this project. You can then copy both of these files to the /nginx/ssl directory of each microservice using the command below:

cp nginx-repo.crt nginx-repo.key <repository>/nginx/ssl/

If USE_VAULT is set to true, you must have installed a vault server and written the contents of the nginx-repo.crt and nginx-repo.key file to vault server. Refer to the vault documentation for instructions configuring a vault server and adding values to it.

3. Decide which container engine to use

Set the CONTAINER_ENGINE variable

As described above, the CONTAINER_ENGINE environment variable must be set to one of the following three options. The install-nginx.sh file uses this value to determine which template file to use when populating the nginx.conf file.

  • kubernetes
  • mesos
  • local

4. Build the image

Replace <your-image-repo-name> with the username for where you store your Docker images, and execute the command below to build the image. The <tag> argument is optional and defaults to latest

docker build . -t <your-image-repo-name>/uploader:<tag>

5. Modify the hosts file

The uploader service stores images using Amazon S3, the location of which is specified by the S3_URL environment variable.

For the purposes of demonstration, the application makes use of a simulated S3 service called Fake S3, which runs as a separate service.

While running the Ingenious application locally, you must update your hosts file to match the value that is set for the S3_URL environment variable. By default, this value is http://fake-s3, so the hosts file should look like:

127.0.0.1   fake-s3

A note about Fake S3

Fake S3 makes it simple to build and test applications which use Amazon S3. If Ingenious were in production, it would connect directly to an S3 service on AWS. Here are a couple of alternatives to Fake S3:

We haven't tested either of these and there are other options as well. If you successfully implement an alternative to Fake S3, let us know by creating a pull request.

6. Testing

The Photo Uploader service is unique among the services in the NGINX MRA because every function in app.js results in a call to another service. As such, only integration tests have been implemented and must be run when all the services are available.

In order to run the tests, start all the services in the MRA following the documentation in the Ingenious repo, then get a shell to the uploader service using the docker command:

$ docker exec -it uploader /bin/bash

Once you have a shell in the container, change to the tests directory:

$ cd /usr/src/test

Now run the tests using YARN:

$ yarn test

You will see output in the console indicating whether the tests were successful.

7. Runtime environment variables

In order to run the image, some environment variables must be set so that they are available during runtime.

Variable Name Description Example Value
ALBUM_MANAGER_URL The URL for the album manager service http://localhost/album-manager
AWS_ACCESS_KEY_ID Your AWS Key for S3 ABCD1234ABCD1234ABCD1234
AWS_REGION The region where your S3 instance is running us-west-1
AWS_SECRET_ACCESS_KEY Your AWS Secret Access Key ABCD1234ABCD1234ABCD1234
S3_URL The URL for the S3 host http://fake-s3.local
RESIZER_URL The URL for the resizer service http://localhost/resizer/v1/image
S3_BUCKET The name of the S3 bucket mra-images
DEV_MODE PM2 automatically restart the app when a file is modified false

6. Service Endpoints

Method Endpoint Description Parameters
GET / Return a string
POST /image Uploads image to S3 bucket specified in the URL form input
DELETE /image/uploads/photos/{uuid} Delete all variations of image within S3 based on uuid uuid - uuid for image

Disclaimer

The Photo Uploader service only supports JPG and JPEG.

In this service, the nginx/ssl/dhparam.pem file is provided for ease of setup. In production environments, it is highly recommended for secure key-exchange to replace this file with your own generated DH parameter.

You can generate your own dhparam.pem file using the command below:

openssl dhparam -out nginx/ssl/dhparam.pem 2048
You can’t perform that action at this time.