617b600ce8
Upgraded docker-compose.yaml file format from 1 to 3.4
...
This allows us to set logging options, which weren't available in version 1.
I've also added newlines around each service definition, and made the
formatting consistent across the entire file (using align-yaml, one of the
tools of the atom-beautify plugin for Atom).
2017-12-22 11:54:06 +01:00
5e15185166
HaProxy: Explicitly configure allowed TLS ciphers
2017-12-13 14:00:51 +01:00
5efca08c13
Docker Apache: added svnman XSendFilePath
2017-12-08 17:06:56 +01:00
00805c3372
Upgraded Python to 3.6.3
2017-12-07 14:02:35 +01:00
035382d1e5
docker: allow running 1_base/build.sh with --no-cache
...
This rebuilds the image from scratch, also pulling in security updates.
2017-12-07 14:02:20 +01:00
7dcc0d5ead
Size-based Apache log rotation
2017-12-07 10:21:55 +01:00
9dfe75ed1e
Include pillar-svnman in docker image
2017-11-14 16:28:52 +01:00
97dff66159
Add rewrite rule for new project
2017-10-25 15:52:33 +02:00
e45976d4e5
Added ElasticProxy to the docker/README.md file.
2017-09-26 12:27:36 +02:00
565e5e95a5
Disabled web frontend for Grafista.
...
It still collects daily statistics, until we're 100% sure our own
pillar-statscollector is doing its job correctly.
2017-09-26 12:27:24 +02:00
c2fff6a9cb
Removed -verbose from elasticproxy CLI
2017-09-26 11:58:58 +02:00
fa249d1952
Kibana: include config file that doesn't refer to xpack
...
The default Kibana config file still has an option to enable X-pack, which
is now removed.
2017-09-26 11:53:22 +02:00
d02de8e18b
Disable Dev Tools panel.
2017-09-26 11:47:09 +02:00
c6d645f664
Removed old X-pack options
...
These aren't necessary any more now that we use an image with X-pack.
2017-09-26 11:46:59 +02:00
d90794a4f0
Put elasticproxy in between Kibana and ElasticSearch
...
This blocks any data-changing HTTP request from reaching ElasticSearch.
2017-09-26 11:27:45 +02:00
82a4bcd185
Allow letsencrypt to run on stats.cloud.blender.org
2017-09-21 13:50:44 +02:00
4432e5b645
Added note in docker/README about permissions on /data/storage/elasticsearch
2017-09-21 13:50:31 +02:00
5948ee7c6f
Kibana: more frequent garbage collection to limit memory usage
...
See https://github.com/elastic/kibana/issues/5170#issuecomment-163042525
2017-09-21 11:52:22 +02:00
5b5005f33e
Oops
2017-09-21 11:46:01 +02:00
98177df7bd
Elastic: moved memory limit to environment variable
...
This allows us to easily change it without rebuilding the Docker image.
2017-09-21 11:38:17 +02:00
8e6fc604e3
Build custom images for ElasticSearch & Kibana
...
We can then remove X-Pack and control ElasticSearch's memory usage.
This also gives us the opportunity to let Kibana do its optimization when
we build the image, rather than every time the container is recreated.
2017-09-21 11:28:16 +02:00
2e2fc791e1
Added Kibana to the docker-compose stack
2017-09-20 16:58:18 +02:00
00eb6d8685
Upgraded ElasticSearch 5.6.0 → 5.6.1
2017-09-19 13:48:53 +02:00
9034c36564
Added ElasticSearch docker container.
...
So far it's just a standalone docker container, as there is no publicly
accessible Kibana container yet. To use, just SSH-tunnel port 9200.
2017-09-18 17:38:55 +02:00
f74e05229c
Replace pillar-web with blender-cloud, and add HTTPS support
...
Other vhosts are already configured to use the 'blender-cloud' hostname,
and now the main one is too. It also adds HTTPS support, so that you can
test locally without having to set FORCE_SSL to false. This does require
you to create a TLS certificate in /data/certs/blender-cloud.pem, using:
openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365 -nodes
cat key.pem cert.pem > blender-cloud.pem
rm key.pem cert.pem
2017-09-18 12:21:33 +02:00
6d9192f0ab
Upgrade Python 3.6.1 → 3.6.2
2017-09-18 12:17:50 +02:00
b554756f54
HaProxy: enable gzip compression for certain content types.
2017-09-15 11:03:28 +02:00
f2ad7b8868
Bumped thread count to 32, lowered proc count to 2
...
We have 2 CPUs at our DigitalOcean droplet, hence the proc count.
2017-09-14 17:17:45 +02:00
22b8ed0bc0
Added "celery beat" docker container
2017-09-14 15:58:03 +02:00
8df67bfeb5
After building the image, tell the user the image name
...
This makes pushing easier, as you can copy-paste the name into the push
command.
2017-09-12 12:10:32 +02:00
7f65b77824
New redirect from /training to /courses
2017-07-26 16:51:35 +02:00
a43e84f93e
Made script executable
2017-07-07 12:03:18 +02:00
56af1cd96c
Added renewal script for Let's Encrypt
2017-07-07 12:02:49 +02:00
69862b8416
Docker: removed blender-cloud/.well-known from letsencrypt
...
That domain is handled by a different host.
2017-07-07 11:40:27 +02:00
b9a7f501ba
Docker: Dropping support for cloudapi.blender.org
2017-07-07 11:40:25 +02:00
6fc77522ea
Removed localhost declaration
2017-07-07 11:24:14 +02:00
538a10af60
Added docker container for serving letsencrypt webroot.
2017-07-07 11:23:38 +02:00
a62d1e3d7d
Updated celery-worker.sh to actually star the Celery worker.
2017-06-07 17:19:02 +02:00
d56e1afe73
Upgraded docker images Python 3.6.0 → 3.6.1
2017-06-07 13:22:57 +02:00
8b110df32a
Convert all Redirects to RewriteRules in Apache conf
...
This allows for more precise redirection. Using the correct code (301, permanently moved) and L (Last rule, prevent any further evaluation).
2017-06-02 11:18:57 +02:00
9da841efc3
Added Celery worker docker container
...
This docker container uses the Blender Cloud image, but a different entry
point. It is not intended to be network-reachable from the outside world.
All it needs are connections to the databases (mongo, redis, rabbit).
2017-06-02 10:55:18 +02:00
c73efd5998
Added RabbitMQ, for serving as Celery broker.
2017-06-02 10:55:18 +02:00
93edfb789f
Add Blender Cloud specific redirects
...
Originially hardcoded in Pillar, these redirects are rarely changed or added.
2017-06-01 17:27:00 +02:00
c775126cba
Docker startup: create ${APACHE_LOG_DIR} if it doesn't exist yet
2017-05-17 10:34:13 +02:00
39ce21f7f9
Copy /lib/systemd/system/docker.service to /etc/systemd/system/docker.service
...
This allows later upgrading of docker without overwriting the changes
indicated in the README.
2017-05-17 10:12:22 +02:00
3308018887
Docker: replaced "latest-py36" with "latest" in README.md
2017-05-17 10:11:49 +02:00
b93448f682
Start cron when starting the Cloud docker
...
This will regularly run logrotate, preventing the build-up of log files
of multiple gigabytes.
2017-05-17 10:08:27 +02:00
2892a46a27
Docker: store Cloud container /var/log on host in /data/log
2017-05-17 10:07:40 +02:00
bd9265e4f1
Tag blender_cloud Docker image as latest
2017-04-11 12:52:44 +02:00
57aeea337b
Switch from id --group id -g
...
This makes the script compatible with macOS.
2017-04-11 12:34:07 +02:00
