feat: add getting start guide
This commit is contained in:
parent
dcb775a1fe
commit
90b6031d96
97
README.md
97
README.md
@ -1,35 +1,110 @@
|
||||
# container-pilot-dashboard
|
||||
![CoPilot Logo](./copilot.png)
|
||||
|
||||
|
||||
[![CircleCI](https://img.shields.io/circleci/project/github/yldio/joyent-portal/master.svg)](https://circleci.com/gh/yldio/joyent-portal)
|
||||
[![License: MPL 2.0](https://img.shields.io/badge/License-MPL%202.0-brightgreen.svg)](https://opensource.org/licenses/MPL-2.0)
|
||||
[![standard-readme compliant](https://img.shields.io/badge/standard--readme-OK-green.svg)](https://github.com/RichardLitt/standard-readme)
|
||||
|
||||
> TODO: Fill out this long short description
|
||||
|
||||
TODO: Fill out this long description.
|
||||
|
||||
## Table of Contents
|
||||
|
||||
- [Background](#background)
|
||||
- [Requirements](#requirements)
|
||||
- [Install](#install)
|
||||
- [Usage](#usage)
|
||||
- [Maintainers](#maintainers)
|
||||
- [Contribute](#contribute)
|
||||
- [License](#license)
|
||||
|
||||
## Background
|
||||
## Requirements
|
||||
|
||||
- [Triton account](https://sso.joyent.com/signup)
|
||||
- [Triton CLI](https://www.npmjs.com/package/triton)
|
||||
- [Docker](https://www.docker.com/)
|
||||
|
||||
## Install
|
||||
|
||||
### Set local environment variables
|
||||
|
||||
There is a [`setup.sh`](./setup.sh) script that is used to create an environment (`_env`) file that will contain the keys you use to connect to Triton as well as the keys used to secure the CoPilot installation. In order for this to work correctly you will need to first load the Triton environment variables with the `triton profile` you plan to use. Below is an example of setting these environment variables using the `triton` CLI.
|
||||
|
||||
```sh
|
||||
$ eval "$(triton env)"
|
||||
```
|
||||
|
||||
Additionally, you will need a Certificate Authority certificate file, a server certificate, and a server key file. In the subsection below is an example of generating these files.
|
||||
|
||||
### Generating Certificates to Secure CoPilot
|
||||
|
||||
Credit is due to this [CodeShip blog post](https://blog.codeship.com/how-to-set-up-mutual-tls-authentication/) for the original instructions.
|
||||
|
||||
Create the appropriate folders to contain the _ca_, _server_, and _client_ certificate files.
|
||||
|
||||
```sh
|
||||
$ mkdir -p ca server client
|
||||
```
|
||||
|
||||
Generate the CA key and certificate files
|
||||
```sh
|
||||
$ openssl genrsa -aes256 -out ca/ca.key 4096 chmod 400 ca/ca.key
|
||||
$ openssl req -new -x509 -sha256 -days 730 -key ca/ca.key -out ca/ca.crt
|
||||
$ chmod 444 ca/ca.crt
|
||||
```
|
||||
|
||||
Generate the server key files. The FQDN for your host should be specified. In the example below the host that the server will reside on is 'workshop.host' (please change to whatever host CoPilot will be accessible from).
|
||||
```sh
|
||||
$ openssl genrsa -out server/workshop.host.key 2048
|
||||
$ chmod 400 server/workshop.host.key
|
||||
$ openssl req -new -key server/workshop.host.key -sha256 -out server/workshop.host.csr
|
||||
$ openssl x509 -req -days 365 -sha256 -in server/workshop.host.csr -CA ca/ca.crt -CAkey ca/ca.key -set_serial 1 -out server/workshop.host.crt
|
||||
$ chmod 444 server/workshop.host.crt
|
||||
```
|
||||
|
||||
Generate the client certificates that will be installed into the browser.
|
||||
```sh
|
||||
$ openssl genrsa -out client/browser.key 2048
|
||||
$ openssl req -new -key client/browser.key -out client/browser.csr
|
||||
$ openssl x509 -req -days 365 -sha256 -in client/browser.csr -CA ca/ca.crt -CAkey ca/ca.key -set_serial 2 -out client/browser.crt
|
||||
$ openssl pkcs12 -export -clcerts -in client/browser.crt -inkey client/browser.key -out client/browser.p12
|
||||
```
|
||||
|
||||
Next you should install the _client/browser.p12_ certificate in your browser.
|
||||
|
||||
|
||||
### Generate `_env` file from _setup.sh_
|
||||
|
||||
Execute the _setup.sh_ script with the path to your key files.
|
||||
|
||||
```sh
|
||||
$ ./setup.sh ~/.ssh/id_rsa ca/ca.crt server/workshop.host.key server/workshop.host.crt
|
||||
```
|
||||
|
||||
## Usage
|
||||
|
||||
```
|
||||
You have 3 options for where to run CoPilot. You can either run it using the published docker images locally, or on Triton. The last option is to build the docker images and run docker containers from these locally built images.
|
||||
|
||||
### Start CoPilot using published docker images locally
|
||||
|
||||
```sh
|
||||
$ docker-compose up -d
|
||||
```
|
||||
|
||||
## Maintainers
|
||||
Navigate to [https://localhost]() to load the dashboard.
|
||||
|
||||
|
||||
### Deploy and run CoPilot on Triton
|
||||
|
||||
```sh
|
||||
$ docker-compose -f triton-compose.yml up -d
|
||||
```
|
||||
|
||||
Optionally use [_triton-docker_](https://github.com/joyent/triton-docker-cli)
|
||||
```sh
|
||||
$ triton-compose -f triton-compose.yml up -d
|
||||
```
|
||||
|
||||
### Build and run CoPilot locally
|
||||
|
||||
```sh
|
||||
$ docker-compose -f local-compose.yml up -d
|
||||
```
|
||||
|
||||
## Contribute
|
||||
|
||||
@ -37,4 +112,4 @@ See [the contribute file](CONTRIBUTING.md)!
|
||||
|
||||
## License
|
||||
|
||||
MPL-2.0
|
||||
[MPL-2.0](LICENSE)
|
||||
|
BIN
copilot.png
Normal file
BIN
copilot.png
Normal file
Binary file not shown.
After Width: | Height: | Size: 7.9 KiB |
@ -6,22 +6,20 @@
|
||||
# turn this into an HA Consul raft.
|
||||
#############################################################################
|
||||
consul:
|
||||
image: autopilotpattern/consul:latest
|
||||
image: autopilotpattern/consul:0.7.2-r0.8
|
||||
command: >
|
||||
/usr/local/bin/containerpilot
|
||||
/bin/consul agent -server
|
||||
-bootstrap-expect 3
|
||||
-config-dir=/etc/consul
|
||||
-ui-dir /ui
|
||||
-config-dir=/etc/consul
|
||||
-log-level=err
|
||||
-bootstrap-expect 1
|
||||
-ui-dir /ui
|
||||
restart: always
|
||||
mem_limit: 128m
|
||||
ports:
|
||||
- 8500
|
||||
- 8500:8500
|
||||
dns:
|
||||
- 127.0.0.1
|
||||
labels:
|
||||
- triton.cns.services=consul-$CIRCLE_BRANCH
|
||||
- com.docker.swarm.affinities=["container!=~*"]
|
||||
|
||||
#############################################################################
|
||||
# PROMETHEUS
|
||||
@ -30,58 +28,78 @@ consul:
|
||||
# it is included here for demo purposes and is not required
|
||||
#############################################################################
|
||||
prometheus:
|
||||
image: autopilotpattern/prometheus:latest
|
||||
image: autopilotpattern/prometheus:1.7.1-r20
|
||||
restart: always
|
||||
mem_limit: 1g
|
||||
ports:
|
||||
- 9090
|
||||
labels:
|
||||
- triton.cns.services=prometheus-$CIRCLE_BRANCH
|
||||
- com.docker.swarm.affinities=["container!=~*prometheus*"]
|
||||
|
||||
#############################################################################
|
||||
# STYLEGUIDE
|
||||
#############################################################################
|
||||
styleguide:
|
||||
image: quay.io/yldio/joyent-ui-toolkit:$CIRCLE_BRANCH
|
||||
ports:
|
||||
- 6060
|
||||
mem_limit: 512m
|
||||
labels:
|
||||
- triton.cns.services=styleguide-$CIRCLE_BRANCH
|
||||
- com.docker.swarm.affinities=["container!=~*styleguide*"]
|
||||
- 9090:9090
|
||||
links:
|
||||
- consul:consul
|
||||
environment:
|
||||
- CONSUL=consul
|
||||
- CONSUL_AGENT=1
|
||||
- PORT=6060
|
||||
dns:
|
||||
- 127.0.0.1
|
||||
|
||||
|
||||
#############################################################################
|
||||
# FRONTEND
|
||||
#############################################################################
|
||||
cp-frontend:
|
||||
image: quay.io/yldio/joyent-cp-frontend:$CIRCLE_BRANCH
|
||||
frontend:
|
||||
image: joyent/copilot-frontend
|
||||
mem_limit: 512m
|
||||
labels:
|
||||
- triton.cns.services=cp-frontend-$CIRCLE_BRANCH
|
||||
- com.docker.swarm.affinities=["container!=~*cp-frontend*"]
|
||||
links:
|
||||
- consul:consul
|
||||
env_file:
|
||||
- _env
|
||||
environment:
|
||||
- CONSUL_AGENT=1
|
||||
- PORT=3069
|
||||
- REACT_APP_GQL_HOSTNAME=gql-mock-server-$CIRCLE_BRANCH.svc.f4b20699-b323-4452-9091-977895896da6.eu-ams-1.triton.zone
|
||||
- REACT_APP_GQL_PORT=3000
|
||||
- CONSUL=consul
|
||||
- PORT=443
|
||||
ports:
|
||||
- 3069
|
||||
- "80:80"
|
||||
- "443:443"
|
||||
dns:
|
||||
- 127.0.0.1
|
||||
|
||||
|
||||
#############################################################################
|
||||
# BACKEND
|
||||
#############################################################################
|
||||
gql-mock-server:
|
||||
image: quay.io/yldio/joyent-cp-gql-mock-server:$CIRCLE_BRANCH
|
||||
api:
|
||||
image: joyent/copilot-api
|
||||
mem_limit: 512m
|
||||
labels:
|
||||
- triton.cns.services=gql-mock-server-$CIRCLE_BRANCH
|
||||
- com.docker.swarm.affinities=["container!=~*gql-mock-server*"]
|
||||
links:
|
||||
- consul:consul
|
||||
- rethinkdb:rethinkdb
|
||||
env_file:
|
||||
- _env
|
||||
environment:
|
||||
- CONSUL_AGENT=1
|
||||
- CONSUL=consul
|
||||
- PORT=3000
|
||||
ports:
|
||||
- RETHINK_HOST=rethinkdb
|
||||
expose:
|
||||
- 3000
|
||||
|
||||
# Docker-compose wrapper
|
||||
# Create _env file from running ./setup.sh
|
||||
compose-api:
|
||||
image: joyent/copilot-compose
|
||||
links:
|
||||
- consul:consul
|
||||
expose:
|
||||
- 4242
|
||||
env_file:
|
||||
- _env
|
||||
environment:
|
||||
- CONSUL=consul
|
||||
restart: always
|
||||
|
||||
rethinkdb:
|
||||
image: rethinkdb
|
||||
restart: always
|
||||
mem_limit: 1g
|
||||
ports:
|
||||
- 8080:8080
|
||||
expose:
|
||||
- 28015
|
||||
- 29015
|
||||
|
@ -56,9 +56,6 @@ frontend:
|
||||
environment:
|
||||
- CONSUL=consul
|
||||
- PORT=443
|
||||
- REACT_APP_GQL_HOSTNAME=workshop.host
|
||||
- REACT_APP_GQL_PORT=443
|
||||
- REACT_APP_GQL_PROTOCOL=https
|
||||
ports:
|
||||
- "80:80"
|
||||
- "443:443"
|
||||
|
@ -10,22 +10,18 @@ consul:
|
||||
command: >
|
||||
/usr/local/bin/containerpilot
|
||||
/bin/consul agent -server
|
||||
-bootstrap-expect 1
|
||||
-config-dir=/etc/consul
|
||||
-log-level=err
|
||||
-bootstrap-expect 1
|
||||
-ui-dir /ui
|
||||
# Change "-bootstrap" to "-bootstrap-expect 3", then scale to 3 or more to
|
||||
# turn this into an HA Consul raft.
|
||||
restart: always
|
||||
mem_limit: 128m
|
||||
ports:
|
||||
# As above, this port declaration should not be made for production.
|
||||
- 8500
|
||||
labels:
|
||||
- triton.cns.services=copilot-consul
|
||||
ports:
|
||||
- 8500:8500
|
||||
dns:
|
||||
- 127.0.0.1
|
||||
env_file: _env
|
||||
|
||||
|
||||
#############################################################################
|
||||
# PROMETHEUS
|
||||
@ -34,7 +30,11 @@ consul:
|
||||
# it is included here for demo purposes and is not required
|
||||
#############################################################################
|
||||
prometheus:
|
||||
image: autopilotpattern/prometheus:latest
|
||||
image: autopilotpattern/prometheus:1.7.1-r20
|
||||
restart: always
|
||||
mem_limit: 1g
|
||||
ports:
|
||||
- 9090:9090
|
||||
labels:
|
||||
# This label sets the CNS name, Triton's automatic DNS
|
||||
# Learn more at https://docs.joyent.com/public-cloud/network/cns
|
||||
@ -42,60 +42,49 @@ prometheus:
|
||||
# This label selects the proper Joyent resource package
|
||||
# https://www.joyent.com/blog/optimizing-docker-on-triton#ram-cpu-and-disk-resources-for-your-containers
|
||||
- com.joyent.package=g4-highcpu-1G
|
||||
restart: always
|
||||
ports:
|
||||
# You may not want these port declarations for production. Without them, Prometheus will only
|
||||
# listen on the private network. This will also result in a public prometheus CNS record being created,
|
||||
# in the triton.zone domain.
|
||||
- 9090
|
||||
env_file: _env
|
||||
environment:
|
||||
- CONSUL_AGENT=1
|
||||
dns:
|
||||
- 127.0.0.1
|
||||
|
||||
|
||||
#############################################################################
|
||||
# FRONTEND
|
||||
#############################################################################
|
||||
frontend:
|
||||
image: d0cker/copilot-frontend
|
||||
image: joyent/copilot-frontend
|
||||
mem_limit: 512m
|
||||
env_file:
|
||||
- _env
|
||||
environment:
|
||||
- PORT=8080
|
||||
- REACT_APP_GQL_PORT=80
|
||||
expose:
|
||||
- 8080
|
||||
restart: always
|
||||
|
||||
traefik:
|
||||
image: d0cker/traefik
|
||||
labels:
|
||||
- triton.cns.services=copilot
|
||||
- PORT=443
|
||||
ports:
|
||||
- 80
|
||||
- 8080
|
||||
restart: always
|
||||
- "80:80"
|
||||
- "443:443"
|
||||
dns:
|
||||
- 127.0.0.1
|
||||
|
||||
|
||||
#############################################################################
|
||||
# BACKEND
|
||||
#############################################################################
|
||||
api:
|
||||
image: d0cker/copilot-api
|
||||
image: joyent/copilot-api
|
||||
mem_limit: 512m
|
||||
links:
|
||||
- rethinkdb:rethinkdb
|
||||
env_file:
|
||||
- _env
|
||||
environment:
|
||||
- PORT=8080
|
||||
- PORT=3000
|
||||
- RETHINK_HOST=rethinkdb
|
||||
expose:
|
||||
- 8080
|
||||
restart: always
|
||||
- 3000
|
||||
|
||||
# Docker-compose wrapper
|
||||
# Create _env file from running ./setup.sh
|
||||
composeapi:
|
||||
image: d0cker/compose-api
|
||||
compose-api:
|
||||
image: joyent/copilot-compose
|
||||
expose:
|
||||
- 4242
|
||||
env_file:
|
||||
@ -106,11 +95,10 @@ rethinkdb:
|
||||
image: rethinkdb
|
||||
restart: always
|
||||
mem_limit: 1g
|
||||
# You may not want these port declarations for production. It
|
||||
labels:
|
||||
- triton.cns.services=copilot-rethinkdb
|
||||
ports:
|
||||
- 8080
|
||||
- 8080:8080
|
||||
expose:
|
||||
- 28015
|
||||
- 29015
|
||||
labels:
|
||||
- triton.cns.services=copilot-rethinkdb
|
||||
|
Loading…
Reference in New Issue
Block a user