WIP: more work on the docker structure, still not finished with 4_run

1_base: builds a base image, based on Ubuntu 16.10 2_buildpy: builds two images: 2a: an image that can build Python 3.6 2b: an image that contains the built Python 3.6 in /opt/python 3_buildwheels: builds an image to build wheel files, puts them in ../4_run 4_run: the production runtime image, which can't build anything and just runs.
2017-03-07 22:41:05 +01:00
parent af14910fa9
commit d7e4995cfa
20 changed files with 150 additions and 119 deletions
--- a/docker/4_run/000-default.conf
+++ b/docker/4_run/000-default.conf
@@ -0,0 +1,39 @@
+<VirtualHost *:80>
+	# EnableSendfile on
+	XSendFile on
+	XSendFilePath /data/storage/pillar
+	XSendFilePath /data/git/pillar
+	XSendFilePath /data/venv/lib/python2.7/site-packages/attract/static/
+	XSendFilePath /data/venv/lib/python2.7/site-packages/flamenco/static/
+	XsendFilePath /data/git/blender-cloud
+
+	ServerAdmin webmaster@localhost
+	DocumentRoot /var/www/html
+
+	# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
+	# error, crit, alert, emerg.
+	# It is also possible to configure the loglevel for particular
+	# modules, e.g.
+	# LogLevel info ssl:warn
+
+	ErrorLog ${APACHE_LOG_DIR}/error.log
+	CustomLog ${APACHE_LOG_DIR}/access.log combined
+
+	WSGIDaemonProcess cloud processes=4 threads=1 maximum-requests=10000
+	WSGIPassAuthorization On
+
+	WSGIScriptAlias / /data/git/blender-cloud/runserver.wsgi \
+		process-group=cloud application-group=%{GLOBAL}
+
+	<Directory /data/git/blender-cloud>
+		<Files runserver.wsgi>
+			Require all granted
+		</Files>
+	</Directory>
+
+	# Temporary edit to remap the old cloudapi.blender.org to cloud.blender.org/api
+	RewriteEngine On
+	RewriteCond "%{HTTP_HOST}"   "^cloudapi\.blender\.org" [NC]
+	RewriteRule (.*) /api$1 [PT]
+
+</VirtualHost>
--- a/docker/4_run/apache2.conf
+++ b/docker/4_run/apache2.conf
@@ -0,0 +1,153 @@
+#
+# The accept serialization lock file MUST BE STORED ON A LOCAL DISK.
+#
+Mutex file:${APACHE_LOCK_DIR} default
+
+#
+# PidFile: The file in which the server should record its process
+# identification number when it starts.
+# This needs to be set in /etc/apache2/envvars
+#
+PidFile ${APACHE_PID_FILE}
+
+#
+# Timeout: The number of seconds before receives and sends time out.
+#
+Timeout 3600
+
+#
+# KeepAlive: Whether or not to allow persistent connections (more than
+# one request per connection). Set to "Off" to deactivate.
+#
+KeepAlive On
+
+#
+# MaxKeepAliveRequests: The maximum number of requests to allow
+# during a persistent connection. Set to 0 to allow an unlimited amount.
+# We recommend you leave this number high, for maximum performance.
+#
+MaxKeepAliveRequests 100
+
+#
+# KeepAliveTimeout: Number of seconds to wait for the next request from the
+# same client on the same connection.
+#
+KeepAliveTimeout 5
+
+
+# These need to be set in /etc/apache2/envvars
+User ${APACHE_RUN_USER}
+Group ${APACHE_RUN_GROUP}
+
+#
+# HostnameLookups: Log the names of clients or just their IP addresses
+# e.g., www.apache.org (on) or 204.62.129.132 (off).
+# The default is off because it'd be overall better for the net if people
+# had to knowingly turn this feature on, since enabling it means that
+# each client request will result in AT LEAST one lookup request to the
+# nameserver.
+#
+HostnameLookups Off
+
+# ErrorLog: The location of the error log file.
+# If you do not specify an ErrorLog directive within a <VirtualHost>
+# container, error messages relating to that virtual host will be
+# logged here.  If you *do* define an error logfile for a <VirtualHost>
+# container, that host's errors will be logged there and not here.
+#
+ErrorLog ${APACHE_LOG_DIR}/error.log
+
+#
+# LogLevel: Control the severity of messages logged to the error_log.
+# Available values: trace8, ..., trace1, debug, info, notice, warn,
+# error, crit, alert, emerg.
+# It is also possible to configure the log level for particular modules, e.g.
+# "LogLevel info ssl:warn"
+#
+LogLevel warn
+
+# Include module configuration:
+IncludeOptional mods-enabled/*.load
+IncludeOptional mods-enabled/*.conf
+
+# Include list of ports to listen on
+Include ports.conf
+
+
+# Sets the default security model of the Apache2 HTTPD server. It does
+# not allow access to the root filesystem outside of /usr/share and /var/www.
+# The former is used by web applications packaged in Debian,
+# the latter may be used for local directories served by the web server. If
+# your system is serving content from a sub-directory in /srv you must allow
+# access here, or in any related virtual host.
+<Directory />
+	Options FollowSymLinks
+	AllowOverride None
+	Require all denied
+</Directory>
+
+<Directory /usr/share>
+	AllowOverride None
+	Require all granted
+</Directory>
+
+<Directory /var/www/>
+	Options Indexes FollowSymLinks
+	AllowOverride None
+	Require all granted
+</Directory>
+
+#<Directory /srv/>
+#	Options Indexes FollowSymLinks
+#	AllowOverride None
+#	Require all granted
+#</Directory>
+
+
+
+
+# AccessFileName: The name of the file to look for in each directory
+# for additional configuration directives.  See also the AllowOverride
+# directive.
+#
+AccessFileName .htaccess
+
+#
+# The following lines prevent .htaccess and .htpasswd files from being
+# viewed by Web clients.
+#
+<FilesMatch "^\.ht">
+	Require all denied
+</FilesMatch>
+
+
+#
+# The following directives define some format nicknames for use with
+# a CustomLog directive.
+#
+# These deviate from the Common Log Format definitions in that they use %O
+# (the actual bytes sent including headers) instead of %b (the size of the
+# requested file), because the latter makes it impossible to detect partial
+# requests.
+#
+# Note that the use of %{X-Forwarded-For}i instead of %h is not recommended.
+# Use mod_remoteip instead.
+#
+LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined
+LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined
+LogFormat "%h %l %u %t \"%r\" %>s %O" common
+LogFormat "%{Referer}i -> %U" referer
+LogFormat "%{User-agent}i" agent
+
+# Include of directories ignores editors' and dpkg's backup files,
+# see README.Debian for details.
+
+ServerName cloud.blender.org
+
+# Include generic snippets of statements
+IncludeOptional conf-enabled/*.conf
+
+# Include the virtual host configurations:
+IncludeOptional sites-enabled/*.conf
+
+# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
--- a/docker/4_run/build.sh
+++ b/docker/4_run/build.sh
@@ -0,0 +1,3 @@
+#!/usr/bin/env bash
+
+docker build -t armadillica/blender_cloud -f run.docker .
--- a/docker/4_run/docker-entrypoint.sh
+++ b/docker/4_run/docker-entrypoint.sh
@@ -0,0 +1,25 @@
+#!/usr/bin/env bash
+
+if [ ! -f /installed ]; then
+    echo "Installing pillar and pillar-sdk"
+    # TODO: curretly doing pip install -e takes a long time, so we symlink
+    # . /data/venv/bin/activate && pip install -e /data/git/pillar
+    ln -s /data/git/pillar/pillar /data/venv/lib/python2.7/site-packages/pillar
+    # . /data/venv/bin/activate && pip install -e /data/git/attract
+    ln -s /data/git/attract/attract /data/venv/lib/python2.7/site-packages/attract
+    # . /data/venv/bin/activate && pip install -e /data/git/flamenco/packages/flamenco
+    ln -s /data/git/flamenco/packages/flamenco/flamenco/ /data/venv/lib/python2.7/site-packages/flamenco
+    # . /data/venv/bin/activate && pip install -e /data/git/pillar-python-sdk
+    ln -s /data/git/pillar-python-sdk/pillarsdk /data/venv/lib/python2.7/site-packages/pillarsdk
+    touch installed
+fi
+
+if [ "$DEV" = "true" ]; then
+    echo "Running in development mode"
+    cd /data/git/blender-cloud
+    bash /manage.sh runserver --host='0.0.0.0'
+else
+    # Run Apache
+    a2enmod rewrite
+    /usr/sbin/apache2ctl -D FOREGROUND
+fi
--- a/docker/4_run/manage.sh
+++ b/docker/4_run/manage.sh
@@ -0,0 +1,5 @@
+#!/usr/bin/env bash -e
+
+. /data/venv/bin/activate
+cd /data/git/blender-cloud
+python manage.py "$@"
--- a/docker/4_run/run.docker
+++ b/docker/4_run/run.docker
@@ -0,0 +1,46 @@
+FROM pillar_py:3.6
+
+RUN apt-get update && apt-get install -qyy \
+-o APT::Install-Recommends=true -o APT::Install-Suggests=false \
+git \
+apache2 \
+libapache2-mod-wsgi \
+libapache2-mod-xsendfile \
+libjpeg8 \
+libtiff5 \
+ffmpeg \
+rsyslog logrotate \
+nano vim curl \
+&& rm -rf /var/lib/apt/lists/*
+
+ENV APACHE_RUN_USER www-data
+ENV APACHE_RUN_GROUP www-data
+ENV APACHE_LOG_DIR /var/log/apache2
+ENV APACHE_PID_FILE /var/run/apache2.pid
+ENV APACHE_RUN_DIR /var/run/apache2
+ENV APACHE_LOCK_DIR /var/lock/apache2
+
+RUN mkdir -p $APACHE_RUN_DIR $APACHE_LOCK_DIR $APACHE_LOG_DIR
+
+ADD wheelhouse /data/wheelhouse
+RUN pip3 install --no-index --find-links=/data/wheelhouse -r /data/wheelhouse/requirements.txt
+
+VOLUME /data/git/blender-cloud
+VOLUME /data/git/pillar
+VOLUME /data/git/pillar-python-sdk
+VOLUME /data/git/attract
+VOLUME /data/git/flamenco
+VOLUME /data/config
+VOLUME /data/storage
+
+ENV USE_X_SENDFILE True
+
+EXPOSE 80
+EXPOSE 5000
+
+ADD apache2.conf /etc/apache2/apache2.conf
+ADD 000-default.conf /etc/apache2/sites-available/000-default.conf
+ADD docker-entrypoint.sh /docker-entrypoint.sh
+ADD manage.sh /manage.sh
+
+ENTRYPOINT ["bash", "/docker-entrypoint.sh"]