Commit 6fd8e663 authored by Pedro Eduardo Trujillo's avatar Pedro Eduardo Trujillo
Browse files

Actualiza base, limita recursos y transforma dev 

Se prepara para maximizar el uso de memoria para la pila de Java,
controlando los límites desde las restricciones de Docker.
Aprovecha para limitar los contenedores y para transformar el entorno
de desarrollo en un Docker Swarm, con servicios clusterizados (como
en producción).
parent 071328ff

.gitlab-ci.yml

+40 −16
Original line number Diff line number Diff line
@@ -122,19 +122,28 @@ deploy-dev: 
  variables:

    DOCKER_DRIVER: overlay2

    SSH_REMOTE: ${DEV_SSH_REMOTE}

    SERVICE: ${CI_PROJECT_NAME}

    STACK: api

    SERVICES_TO_CHECK: api_${CI_PROJECT_NAME}

    IMAGE_NAME: ${CI_REGISTRY_IMAGE}

    IMAGE_TAG: ${CI_COMMIT_SHA}

    COMPOSE_FILE: docker-compose.tmpl.yml:docker-compose.dev.yml

    SPRING_PROFILES_ACTIVE: pre

    SPRING_DATASOURCE_USERNAME: ${DEV_SPRING_DATASOURCE_USERNAME}

    SPRING_DATASOURCE_PASSWORD: ${DEV_SPRING_DATASOURCE_PASSWORD}

    JOBS_DATASOURCE_USERNAME: ${DEV_JOBS_DATASOURCE_USERNAME}

    JOBS_DATASOURCE_PASSWORD: ${DEV_JOBS_DATASOURCE_PASSWORD}

    AWS_ACCESS_KEY: ${DEV_AWS_ACCESS_KEY}

    AWS_SECRET_KEY: ${DEV_AWS_SECRET_KEY}

    ELASTIC_XPACKSECURITYUSER: ${DEV_ELASTIC_XPACKSECURITYUSER}

  services:

    - docker:dind

  script:

    - >

      deploy.sh IMAGE_NAME=${IMAGE_NAME} IMAGE_TAG=${IMAGE_TAG} COMPOSE_FILE=${COMPOSE_FILE}

      SPRING_PROFILES_ACTIVE=pre SPRING_DATASOURCE_USERNAME=${DEV_SPRING_DATASOURCE_USERNAME}

      SPRING_DATASOURCE_PASSWORD=${DEV_SPRING_DATASOURCE_PASSWORD}

      JOBS_DATASOURCE_USERNAME=${DEV_JOBS_DATASOURCE_USERNAME} JOBS_DATASOURCE_PASSWORD=${DEV_JOBS_DATASOURCE_PASSWORD}

      AWS_ACCESS_KEY=${DEV_AWS_ACCESS_KEY} AWS_SECRET_KEY=${DEV_AWS_SECRET_KEY} ELASTIC_XPACKSECURITYUSER=${DEV_ELASTIC_XPACKSECURITYUSER}

      SPRING_PROFILES_ACTIVE=${SPRING_PROFILES_ACTIVE} SPRING_DATASOURCE_USERNAME=${SPRING_DATASOURCE_USERNAME}

      SPRING_DATASOURCE_PASSWORD=${SPRING_DATASOURCE_PASSWORD} JOBS_DATASOURCE_USERNAME=${JOBS_DATASOURCE_USERNAME}

      JOBS_DATASOURCE_PASSWORD=${JOBS_DATASOURCE_PASSWORD} AWS_ACCESS_KEY=${AWS_ACCESS_KEY}

      AWS_SECRET_KEY=${AWS_SECRET_KEY} ELASTIC_XPACKSECURITYUSER=${ELASTIC_XPACKSECURITYUSER}

  environment:

    name: dev

    url: https://appdev.${DEV_PUBLIC_HOSTNAME}/api/${CI_PROJECT_NAME}
@@ -147,19 +156,28 @@ deploy-supporting-branch: 
  variables:

    DOCKER_DRIVER: overlay2

    SSH_REMOTE: ${DEV_SSH_REMOTE}

    SERVICE: ${CI_PROJECT_NAME}

    STACK: api

    SERVICES_TO_CHECK: api_${CI_PROJECT_NAME}

    IMAGE_NAME: ${CI_REGISTRY_IMAGE}

    IMAGE_TAG: ${CI_COMMIT_SHA}

    COMPOSE_FILE: docker-compose.tmpl.yml:docker-compose.dev.yml

    SPRING_PROFILES_ACTIVE: pre

    SPRING_DATASOURCE_USERNAME: ${DEV_SPRING_DATASOURCE_USERNAME}

    SPRING_DATASOURCE_PASSWORD: ${DEV_SPRING_DATASOURCE_PASSWORD}

    JOBS_DATASOURCE_USERNAME: ${DEV_JOBS_DATASOURCE_USERNAME}

    JOBS_DATASOURCE_PASSWORD: ${DEV_JOBS_DATASOURCE_PASSWORD}

    AWS_ACCESS_KEY: ${DEV_AWS_ACCESS_KEY}

    AWS_SECRET_KEY: ${DEV_AWS_SECRET_KEY}

    ELASTIC_XPACKSECURITYUSER: ${DEV_ELASTIC_XPACKSECURITYUSER}

  services:

    - docker:dind

  script:

    - >

      deploy.sh IMAGE_NAME=${IMAGE_NAME} IMAGE_TAG=${IMAGE_TAG} COMPOSE_FILE=${COMPOSE_FILE}

      SPRING_PROFILES_ACTIVE=pre SPRING_DATASOURCE_USERNAME=${DEV_SPRING_DATASOURCE_USERNAME}

      SPRING_DATASOURCE_PASSWORD=${DEV_SPRING_DATASOURCE_PASSWORD}

      JOBS_DATASOURCE_USERNAME=${DEV_JOBS_DATASOURCE_USERNAME} JOBS_DATASOURCE_PASSWORD=${DEV_JOBS_DATASOURCE_PASSWORD}

      AWS_ACCESS_KEY=${DEV_AWS_ACCESS_KEY} AWS_SECRET_KEY=${DEV_AWS_SECRET_KEY} ELASTIC_XPACKSECURITYUSER=${DEV_ELASTIC_XPACKSECURITYUSER}

      SPRING_PROFILES_ACTIVE=${SPRING_PROFILES_ACTIVE} SPRING_DATASOURCE_USERNAME=${SPRING_DATASOURCE_USERNAME}

      SPRING_DATASOURCE_PASSWORD=${SPRING_DATASOURCE_PASSWORD} JOBS_DATASOURCE_USERNAME=${JOBS_DATASOURCE_USERNAME}

      JOBS_DATASOURCE_PASSWORD=${JOBS_DATASOURCE_PASSWORD} AWS_ACCESS_KEY=${AWS_ACCESS_KEY}

      AWS_SECRET_KEY=${AWS_SECRET_KEY} ELASTIC_XPACKSECURITYUSER=${ELASTIC_XPACKSECURITYUSER}

  environment:

    name: dev

    url: https://appdev.${DEV_PUBLIC_HOSTNAME}/api/${CI_PROJECT_NAME}
@@ -176,22 +194,28 @@ deploy-pro: 
  variables:

    DOCKER_DRIVER: overlay2

    SSH_REMOTE: ${PRO_SSH_REMOTE}

    STATUS_CHECK_DELAY: '120'

    STATUS_CHECK_INTERVAL: '10'

    STACK: api

    SERVICES_TO_CHECK: api_${CI_PROJECT_NAME}

    IMAGE_NAME: ${CI_REGISTRY_IMAGE}

    IMAGE_TAG: ${CI_COMMIT_SHA}

    COMPOSE_FILE: docker-compose.tmpl.yml:docker-compose.prod.yml

    SPRING_PROFILES_ACTIVE: prod

    SPRING_DATASOURCE_USERNAME: ${PRO_SPRING_DATASOURCE_USERNAME}

    SPRING_DATASOURCE_PASSWORD: ${PRO_SPRING_DATASOURCE_PASSWORD}

    JOBS_DATASOURCE_USERNAME: ${PRO_JOBS_DATASOURCE_USERNAME}

    JOBS_DATASOURCE_PASSWORD: ${PRO_JOBS_DATASOURCE_PASSWORD}

    AWS_ACCESS_KEY: ${PRO_AWS_ACCESS_KEY}

    AWS_SECRET_KEY: ${PRO_AWS_SECRET_KEY}

    ELASTIC_XPACKSECURITYUSER: ${PRO_ELASTIC_XPACKSECURITYUSER}

  services:

    - docker:dind

  script:

    - >

      deploy.sh IMAGE_NAME=${IMAGE_NAME} IMAGE_TAG=${IMAGE_TAG} COMPOSE_FILE=${COMPOSE_FILE}

      SPRING_PROFILES_ACTIVE=prod SPRING_DATASOURCE_USERNAME=${PRO_SPRING_DATASOURCE_USERNAME}

      SPRING_DATASOURCE_PASSWORD=${PRO_SPRING_DATASOURCE_PASSWORD}

      JOBS_DATASOURCE_USERNAME=${PRO_JOBS_DATASOURCE_USERNAME} JOBS_DATASOURCE_PASSWORD=${PRO_JOBS_DATASOURCE_PASSWORD}

      AWS_ACCESS_KEY=${PRO_AWS_ACCESS_KEY} AWS_SECRET_KEY=${PRO_AWS_SECRET_KEY} ELASTIC_XPACKSECURITYUSER=${PRO_ELASTIC_XPACKSECURITYUSER}

      SPRING_PROFILES_ACTIVE=${SPRING_PROFILES_ACTIVE} SPRING_DATASOURCE_USERNAME=${SPRING_DATASOURCE_USERNAME}

      SPRING_DATASOURCE_PASSWORD=${SPRING_DATASOURCE_PASSWORD} JOBS_DATASOURCE_USERNAME=${JOBS_DATASOURCE_USERNAME}

      JOBS_DATASOURCE_PASSWORD=${JOBS_DATASOURCE_PASSWORD} AWS_ACCESS_KEY=${AWS_ACCESS_KEY}

      AWS_SECRET_KEY=${AWS_SECRET_KEY} ELASTIC_XPACKSECURITYUSER=${ELASTIC_XPACKSECURITYUSER}

  environment:

    name: pro

    url: https://${PRO_PUBLIC_HOSTNAME}/api/${CI_PROJECT_NAME}

Dockerfile

+0 −4
Original line number Diff line number Diff line
@@ -6,7 +6,3 @@ FROM ${PARENT_IMAGE_NAME}:${PARENT_IMAGE_TAG} 
COPY /dist/*.jar ./



EXPOSE ${MICROSERVICE_PORT}
 


ENTRYPOINT java ${JAVA_OPTS} \

	-Djava.security.egd=file:/dev/./urandom \

	-jar ${DIRPATH}/${MICROSERVICE_NAME}.jar

docker-compose.dev.yml

+21 −3
Original line number Diff line number Diff line
@@ -2,13 +2,31 @@ version: '3.5' 


services:

  tasks:

    container_name: ${MICROSERVICE_NAME}

    restart: on-failure:3

    ports:

      - ${MICROSERVICE_PORT}:${MICROSERVICE_PORT}

      - target: ${MICROSERVICE_PORT}

        published: ${MICROSERVICE_PORT}

        mode: host

    deploy:

      mode: replicated

      replicas: 1

      labels:

        traefik.port: "${MICROSERVICE_PORT}"

        traefik.docker.network: traefik-net

        traefik.frontend.rule: PathPrefix:/api/${MICROSERVICE_NAME}

        traefik.backend: ${MICROSERVICE_NAME}

      restart_policy:

        delay: 1m

        window: 3m

      resources:

        limits:

          cpus: '1'

          memory: 1G

        reservations:

          memory: 820M



volumes:

  mediastorage-private-vol:

    name: mediastorage-private-vol



  mediastorage-public-vol:

    name: mediastorage-public-vol
 
 No newline at end of file

docker-compose.prod.yml

+11 −7
Original line number Diff line number Diff line
@@ -2,8 +2,6 @@ version: '3.5' 


services:

  tasks:

    networks:

      - traefik-net

    deploy:

      mode: replicated

      replicas: 1
@@ -16,18 +14,24 @@ services: 
        constraints:

          - node.role == worker

      restart_policy:

        condition: on-failure

        delay: 1m

        window: 3m



networks:

  traefik-net:

    external: true

      resources:

        limits:

          cpus: '1'

          memory: 1G

        reservations:

          memory: 820M



volumes:

  mediastorage-private-vol:

    name: mediastorage-private-vol

    driver: "cloudstor:aws"

    driver_opts:

      backing: shared



  mediastorage-public-vol:

    name: mediastorage-public-vol

    driver: "cloudstor:aws"

    driver_opts:

      backing: shared

docker-compose.tmpl.yml

+8 −1
Original line number Diff line number Diff line
@@ -14,12 +14,13 @@ services: 
      - AWS_ACCESS_KEY

      - AWS_SECRET_KEY

      - ELASTIC_XPACKSECURITYUSER

      - JAVA_OPTS=-Xmx1g -Xss1g

      - JAVA_OPTS=-XX:MaxRAMFraction=1

    networks:

      - elastic-net

      - kafka-net

      - postgres-net

      - redmic-net

      - traefik-net

    volumes:

      - mediastorage-private-vol:/data/MEDIA_STORAGE

      - mediastorage-public-vol:/data/PUBLIC_MEDIA_STORAGE
@@ -33,9 +34,15 @@ services: 
networks:

  elastic-net:

    external: true



  kafka-net:

    external: true



  postgres-net:

    external: true



  redmic-net:

    external: true



  traefik-net:

    external: true
 
 No newline at end of file