Skip to content

PrankWeb deploy to production

Petr Škoda edited this page Mar 18, 2023 · 8 revisions

This page describes how is prankweb deployed on our servers.

Prankweb

  • Build images and create volumes as described in install with docker. Keep in mind that the instance is public, so you need to set strong passwords.
  • Run docker compose docker-compose -f docker-compose-prankweb.yml up -d.
  • Install NginX on the host machine.
  • Configure NginX to proxy to the Docker.

server {
    listen 80;
    listen [::]:80;

    server_name prankweb.cz;

    return 301 https://$host$request_uri;
}

server {
    listen 80;
    listen [::]:80;

    server_name v1.prankweb.cz;

    location / {
       proxy_pass http://195.113.21.80$uri$is_args$args;
       proxy_set_header   Host             $host;
       proxy_set_header   X-Real-IP        $remote_addr;
       proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;
       proxy_pass_request_headers      on;
    }
}

server {
    listen 443 ssl;
    listen [::]:443 ssl;

    # SSL termination.
    ssl_certificate /etc/letsencrypt/live/prankweb.cz/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/prankweb.cz/privkey.pem;
    include /etc/letsencrypt/options-ssl-nginx.conf;
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;

    index index.html;
    root /data/;

    server_name prankweb.cz;

    proxy_buffer_size 128k;
    proxy_buffers 4 256k;
    proxy_busy_buffers_size 256k;

    # Maximum size of request and thus structure.
    client_max_body_size 2M;

    location /www/ {
    }

    # This section can be used to deploy different frontend.
    # First we redirect all API calls to standard URL.
    #location /www/prankweb-3.0.0/api/ {
    #    rewrite ^/www/prankweb-3.0.0/api/(.*)$ https://prankweb.cz/api/$1  break;
    #}
    # Second we server the static content.
    #location /www/prankweb-3.0.0/ {
    #    try_files $uri $uri.html $uri/ =404;
    #}

    location / {

        # Support for maintenance page.
        # Just create file /data/prankweb/maintenance
        if (-f $document_root/prankweb/maintenance) {
            return 503;
        }

        # Proxy to Docker container.
        proxy_pass http://127.0.0.1:8020$uri$is_args$args;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_pass_request_headers on;
        proxy_connect_timeout 600s;
        proxy_send_timeout 600s;
        proxy_read_timeout 600s;
        send_timeout 600s;
    }

    error_page 503 @maintenance;
    location @maintenance {
        rewrite ^(.*)$ /prankweb/prankweb-maintenance.html break;
    }

}

FunPDBe

We employ Cron and scripts to automatically add predictions from PDB.

The first is Crontab listing from crontab -l.

0,10,20,40,50 * * * * ~/prankweb-check-executions.sh >> /data/prankweb/funpdbe/update.log 2>&1
30 7 * * * ~/prankweb-synchronize.sh >> /data/prankweb/funpdbe/update.log 2>&1

Content of prankweb-check-executions.sh file. This file is responsible for running prediction on prankweb instance.

#!/bin/bash
docker run --rm -v /data:/data prankweb_administration python3 /opt/synchronization/run_synchronization.py --queue-limit=2 --server-directory /data/prankweb/predictions/v3-conservation-hmm --data /data/prankweb/funpdbe --p2rank-version=2.4

Content of prankweb-synchronize.sh file. This file is responsible for synchronizing with PDB.

#!/bin/bash
docker run --rm -v /data:/data prankweb_administration python3 /opt/synchronization/run_synchronization.py --check-pdb --queue-limit=2 --server-directory /data/prankweb/predictions/v3-conservation-hmm --data /data/prankweb/funpdbe --p2rank-version=2.4

The prankweb_administration Docker image is build from the administration directory using command.

docker build --build-arg UID=1002 --build-arg GID=1002 -f ./administration/Dockerfile -t prankweb_administration .

Design decisions

This sections comment on the main decision that we made regarding the deployment.

Use Docker

Although it would be possible to install prankweb and all its dependencies locally, we decide to employ Docker. This forces us to keep the Docker image up-to-date and improve isolation of the environment. As a result it is easier to replicate the deployment on other servers.

NginX behind NginX

We decide to run an instance of NginX on the host. This instance is responsible for handling HTTPS termination and maintenance page. This instance proxy request to prankweb gateway Docker image. We are not aware of any issues with running two NginX instances in a row.

This approach helps us to fully use prankweb Docker images. Also, it makes it possible to run multiple prankweb online instances.