From 7ff5bf07a67b5af4daff86db3c4d2a1fac4cb461 Mon Sep 17 00:00:00 2001 From: Josh Sandlin Date: Thu, 17 Oct 2024 22:57:48 +0000 Subject: [PATCH 1/4] take 2 on this idea. lets just build a newer version of nginx rather than upgrade everything --- .circleci/config.yml | 24 +++++++++++++----------- deploy/Dockerfile.prod | 39 +++++++++++++++++++++++++++++++-------- docker-compose.yml | 16 ++++++++-------- 3 files changed, 52 insertions(+), 27 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 3a53f428..81f99fb8 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -150,19 +150,18 @@ jobs: <<: *defaults steps: - checkout - - setup_remote_docker: - version: "20.10.23" + - setup_remote_docker - run: | export WORKDIR=`pwd` export CIRCLE_PROJECT_REPONAME=$PROJECT_NAME build-docker - - deploy: - name: push image - command: | - export AWS_ACCESS_KEY_ID=$STAGING_AWS_ACCESS_KEY_ID - export AWS_SECRET_ACCESS_KEY=$STAGING_AWS_SECRET_ACCESS_KEY - export CIRCLE_PROJECT_REPONAME=$PROJECT_NAME - push-docker + # - deploy: + # name: push image + # command: | + # export AWS_ACCESS_KEY_ID=$STAGING_AWS_ACCESS_KEY_ID + # export AWS_SECRET_ACCESS_KEY=$STAGING_AWS_SECRET_ACCESS_KEY + # export CIRCLE_PROJECT_REPONAME=$PROJECT_NAME + # push-docker build_production_docker_image: <<: *defaults @@ -171,8 +170,7 @@ jobs: ECR_REPO: 799720048698.dkr.ecr.us-east-1.amazonaws.com steps: - checkout - - setup_remote_docker: - version: "20.10.23" + - setup_remote_docker - run: | export WORKDIR=`pwd` export CIRCLE_PROJECT_REPONAME=$PROJECT_NAME @@ -237,6 +235,10 @@ workflows: filters: branches: ignore: main + - build_staging_docker_image: + filters: + branches: + ignore: main main: jobs: diff --git a/deploy/Dockerfile.prod b/deploy/Dockerfile.prod index dc3588e3..f6a54e43 100644 --- a/deploy/Dockerfile.prod +++ b/deploy/Dockerfile.prod @@ -1,4 +1,4 @@ -FROM golang:1.20 as builder +FROM golang:1.20 AS builder WORKDIR /docker-compose-generate COPY ./util/docker-compose-generate /docker-compose-generate RUN make build @@ -9,28 +9,51 @@ COPY --from=builder /docker-compose-generate/dcg /dcg RUN apt-get update \ && apt-get install -y --no-install-recommends \ git \ - nginx \ + build-essential \ + libpcre3 \ + libpcre3-dev \ + zlib1g \ + zlib1g-dev \ + libssl-dev \ supervisor \ && rm -rf /var/lib/apt/lists/* +WORKDIR /tmp +RUN curl -O http://nginx.org/download/nginx-1.24.0.tar.gz \ + && tar -zxvf nginx-1.24.0.tar.gz \ + && cd nginx-1.24.0 \ + && ./configure \ + --with-http_ssl_module \ + --with-http_v2_module \ + --with-http_gzip_static_module \ + && make \ + && make install \ + && rm -rf /tmp/nginx-1.24.0* + +# Add Nginx binary location to PATH +ENV PATH="/usr/local/nginx/sbin:$PATH" + +# Set up Nginx and Supervisor configurations +RUN echo "daemon off;" >> /usr/local/nginx/conf/nginx.conf +RUN rm /usr/local/nginx/conf/nginx.conf +ADD ./nginx-app.conf /usr/local/nginx/conf/ +ADD ./supervisor-app.conf /etc/supervisor/conf.d/ + +# Copy Python app files ADD ./requirements.txt /home/docker/code/ RUN pip install -r /home/docker/code/requirements.txt -RUN echo "daemon off;" >> /etc/nginx/nginx.conf -RUN rm /etc/nginx/sites-enabled/default -ADD ./nginx-app.conf /etc/nginx/sites-enabled/ -ADD ./supervisor-app.conf /etc/supervisor/conf.d/ - ADD ./uwsgi_params /home/docker/code/ ADD ./uwsgi.ini /home/docker/code/ - ADD ./install_scripts /home/docker/code/install_scripts/ ADD ./main.py /home/docker/code/ ADD Manifest /home/docker/code/ ADD LICENSE /home/docker/code/ +# Generate Docker compose template RUN /dcg --raw > /home/docker/code/install_scripts/templates/swarm/docker-compose-generate-safe.sh +# Expose Nginx port EXPOSE 80 CMD ["supervisord", "-c", "/etc/supervisor/supervisord.conf", "-n"] diff --git a/docker-compose.yml b/docker-compose.yml index d521a8bf..52a16dc3 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -4,11 +4,11 @@ services: install-scripts: build: . container_name: "replicated.install-scripts" - networks: - - default - - saas_default - external_links: - - replicated.saas.mysql:mysql + # networks: + # - default + # - saas_default + # external_links: + # - replicated.saas.mysql:mysql ports: - "8090:5000" restart: always @@ -24,6 +24,6 @@ services: - .:/usr/src/app command: [python, main.py] -networks: - saas_default: - external: true +# networks: +# saas_default: +# external: true From 4fb19d7b3986e6364b1caba0cec28bfe52e9886b Mon Sep 17 00:00:00 2001 From: Josh Sandlin Date: Thu, 17 Oct 2024 23:00:45 +0000 Subject: [PATCH 2/4] put pipeline back how it was --- .circleci/config.yml | 18 +++++++----------- 1 file changed, 7 insertions(+), 11 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 81f99fb8..f8211c2d 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -155,13 +155,13 @@ jobs: export WORKDIR=`pwd` export CIRCLE_PROJECT_REPONAME=$PROJECT_NAME build-docker - # - deploy: - # name: push image - # command: | - # export AWS_ACCESS_KEY_ID=$STAGING_AWS_ACCESS_KEY_ID - # export AWS_SECRET_ACCESS_KEY=$STAGING_AWS_SECRET_ACCESS_KEY - # export CIRCLE_PROJECT_REPONAME=$PROJECT_NAME - # push-docker + - deploy: + name: push image + command: | + export AWS_ACCESS_KEY_ID=$STAGING_AWS_ACCESS_KEY_ID + export AWS_SECRET_ACCESS_KEY=$STAGING_AWS_SECRET_ACCESS_KEY + export CIRCLE_PROJECT_REPONAME=$PROJECT_NAME + push-docker build_production_docker_image: <<: *defaults @@ -235,10 +235,6 @@ workflows: filters: branches: ignore: main - - build_staging_docker_image: - filters: - branches: - ignore: main main: jobs: From 774ea9ba457071ba3a8081a299e303692ebbfe51 Mon Sep 17 00:00:00 2001 From: Josh Sandlin Date: Thu, 17 Oct 2024 23:05:18 +0000 Subject: [PATCH 3/4] undo changes to docker-compose.yml --- docker-compose.yml | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/docker-compose.yml b/docker-compose.yml index 52a16dc3..d521a8bf 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -4,11 +4,11 @@ services: install-scripts: build: . container_name: "replicated.install-scripts" - # networks: - # - default - # - saas_default - # external_links: - # - replicated.saas.mysql:mysql + networks: + - default + - saas_default + external_links: + - replicated.saas.mysql:mysql ports: - "8090:5000" restart: always @@ -24,6 +24,6 @@ services: - .:/usr/src/app command: [python, main.py] -# networks: -# saas_default: -# external: true +networks: + saas_default: + external: true From 6bc9cee238fa6a5606de0d5cf8239ecae43aedd3 Mon Sep 17 00:00:00 2001 From: Josh Sandlin Date: Fri, 18 Oct 2024 17:51:06 +0000 Subject: [PATCH 4/4] Lets make sure nginx runs and stays running! --- deploy/Dockerfile.prod | 3 +-- nginx-app.conf | 44 ++++++++++++++++++++++++------------------ supervisor-app.conf | 6 +++++- 3 files changed, 31 insertions(+), 22 deletions(-) diff --git a/deploy/Dockerfile.prod b/deploy/Dockerfile.prod index f6a54e43..b6b16306 100644 --- a/deploy/Dockerfile.prod +++ b/deploy/Dockerfile.prod @@ -34,9 +34,8 @@ RUN curl -O http://nginx.org/download/nginx-1.24.0.tar.gz \ ENV PATH="/usr/local/nginx/sbin:$PATH" # Set up Nginx and Supervisor configurations -RUN echo "daemon off;" >> /usr/local/nginx/conf/nginx.conf RUN rm /usr/local/nginx/conf/nginx.conf -ADD ./nginx-app.conf /usr/local/nginx/conf/ +ADD ./nginx-app.conf /usr/local/nginx/conf/nginx.conf ADD ./supervisor-app.conf /etc/supervisor/conf.d/ # Copy Python app files diff --git a/nginx-app.conf b/nginx-app.conf index 4d149a1b..fd037c3a 100644 --- a/nginx-app.conf +++ b/nginx-app.conf @@ -1,27 +1,33 @@ # mysite_nginx.conf -# the upstream component nginx needs to connect to -upstream flask { - server unix:/tmp/app.sock; # for a file socket - # server 127.0.0.1:8001; # for a web port socket (we'll use this first) +events { + worker_connections 1024; } -# configuration of the server -server { - # the port your site will be served on, default_server indicates that this server block - # is the block to use if no blocks match the server_name - listen 80 default_server; +http { + # the upstream component nginx needs to connect to + upstream flask { + server unix:/tmp/app.sock; # for a file socket + # server 127.0.0.1:8001; # for a web port socket (we'll use this first) + } - # the domain name it will serve for - server_name get.replicated.com; # substitute your machine's IP address or FQDN - charset utf-8; + # configuration of the server + server { + # the port your site will be served on, default_server indicates that this server block + # is the block to use if no blocks match the server_name + listen 80 default_server; - # max upload size - client_max_body_size 75M; # adjust to taste + # the domain name it will serve for + server_name get.replicated.com; # substitute your machine's IP address or FQDN + charset utf-8; - # Finally, send all non-media requests to the Flask server. - location / { - uwsgi_pass flask; - include /home/docker/code/uwsgi_params; # the uwsgi_params file you installed - } + # max upload size + client_max_body_size 75M; # adjust to taste + + # Finally, send all non-media requests to the Flask server. + location / { + uwsgi_pass flask; + include /home/docker/code/uwsgi_params; # the uwsgi_params file you installed + } + } } diff --git a/supervisor-app.conf b/supervisor-app.conf index cdd76172..3546a06d 100644 --- a/supervisor-app.conf +++ b/supervisor-app.conf @@ -6,4 +6,8 @@ stderr_logfile=/dev/stderr stderr_logfile_maxbytes=0 [program:nginx-app] -command = /usr/sbin/nginx +command = /usr/local/nginx/sbin/nginx -g "daemon off;" +stdout_logfile=/dev/stdout +stdout_logfile_maxbytes=0 +stderr_logfile=/dev/stderr +stderr_logfile_maxbytes=0