The following binaries should be available:
- useradd
- usermod
- base64
- curl
- docker, docker compose OR docker-compose
- python3
- python3-yaml
- sudo
- tar
- unxz
The scripts rely on a system running systemd.
- Create the installer:
make installer - Copy the
capp-installerfile to your host target. - Execute it with root privilege and by specifying the default hostname and email address to use for the
proxy(email is used for let's encrypt):
capp-installer example.com [email protected]
Be sure to have your sshd service up and running.
Users allowed to upload DCA files should have their public keys in /etc/dca-authorized-keys.
Users allowed to act on deployments should have their public keys in /etc/deploy-authorized-keys.
You don't have to do anything after modifying this file for the content to be taken into account.
All actions should be done under the compose account.
To switch to it, use su -s /bin/bash --login compose from root account.
Main scripts are compose-dirs and capp.
Use capp users add to create your first user.
Two ssh servers are running on the node: one for administration and deployements (port 22), one for transfering Docker Compose Archives (port 122).
If you have your public key allowed, you could transfer a dca file and its signature to node by doing something like:
scp -P 122 my.dca* dca@node:
ssh deploy@node dcas [--check]
Without check, it will only list dca files. With it, it will also indicate if checksum is ok or not.
ssh deploy@node deploy /home/deploy/dca/my.dca [clean] [nostart]
This will verify the file, extract it, install docker images, docker-compose config file, systemd service and start it.
If clean is provided, any pre-existing volumes will be deleted prior deploy.
If nostart is provided, the system service will not be started. This let you the chance to hack into before starting it.
This will exit with 0 status if deploy was ok, greater number in case of error.
ssh deploy@node undeploy my_app integ [all]
This will stop the docker services, remove the systemd service, delete docker-compose files and images.
If all is provided, then all related images and volumes will also be deleted.
Be careful, volumes may contains data not backuped!
This will exit with 0 status if undeploy was ok, greater number in case of error.
See ssh deploy@node help for an exhaustive list of all actions and options.
Be sure to force a TTY with ssh: ssh -t or RequestTTY yes in .ssh/config.
sshi -t deploy@node exec my_app integ my_service
- Connect into node and change to the
composeaccount (or your account if in thedockergroup). - Go into you app and environment folder, containing
docker-compose.ymlfile, for instancecd myapp/prodfromcomposehome dir. - Use any
docker composecommand, likeexecto enter a container.
⚠ Keep in mind that the compose app is handled by a systemd service so don't start or stop the compose while the service is running.
Better use the capp start|stop commands or sudo systemctl start|stop commands.
Use testindocker script to test all this in a local docker.
- Use
ssh -p 1022 -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no [email protected](with password root) to spawn a shell within that container (tmuxis available) - Use
sudo su -s /bin/bash composeto switch to compose user - Use
capp users add your_user 'your_public_key'to add your user with all rights - Use
scp -P 1122 -O -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no test/myapp--prod.dca* [email protected]:to upload a sample dca file (and its checksum) - Use
ssh -p 1022 -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no [email protected] dcas --checkto check for dca file presence and correctness - Use
ssh -p 1022 -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no [email protected] deploy myapp--prod.dcato deploy the application - Check
http://myapp.test.capp
Authors:
- Cyrille Pontvieux
- David Garceries
- Samir Hachimi