-
Notifications
You must be signed in to change notification settings - Fork 2
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Changes for Fargate Dockstore deploy #225
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
(this part) seems straightforward but was curious
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Some curiosity questions, but looks good to me, in so far as I (don't) understand Fargate.
@@ -2,6 +2,6 @@ | |||
|
|||
cd "$(dirname "$0")" | |||
|
|||
java -XX:MaxRAMPercentage=50.0 -XX:+ExitOnOutOfMemoryError -jar dockstore-webservice-*.jar server web.yml | tee --append /dockstore_logs/webservice.out | |||
java -XX:MaxRAMPercentage=50.0 -XX:+ExitOnOutOfMemoryError -jar /home/dockstore-webservice-*.jar server web.yml | tee --append /dockstore_logs/webservice.out |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think the 50% is a holdover from when we had ElasticSearch and Postgres running on the same machine. We probably should have raised this for EC2 (and could maybe have brought down the instance size in conjunction with that).
But not to digress from the Fargate PR, that could be tackled separately... Should we be setting this at all for Fargate? I don't know, just asking.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hmmm, also Nextflow but yes. I suspect we can tune this for Fargate with some performance testing.
It probably should be a spin-off ticket to be tackled, much later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ah, right forgot about Nextflow... we probably don't want to go too much higher after all, at least not in the EC2 world.
Marking this as ready for review because the corresponding dockstore-deploy PR https://github.com/dockstore/dockstore-deploy/pull/478 is ready for review |
@@ -4,12 +4,12 @@ | |||
cd "$(dirname "$0")" | |||
|
|||
{{#DATABASE_GENERATED}} | |||
java -Ddw.database.user=postgres -Ddw.database.password="{{{ POSTGRES_DBPASSWORD }}}" -jar dockstore-webservice-*.jar db migrate web.yml --include 1.3.0.generated,1.3.1.consistency,1.4.0,1.5.0,1.6.0,1.7.0 | tee --append /dockstore_logs/webservice.out | |||
java -Ddw.database.user=postgres -Ddw.database.password="{{{ POSTGRES_DBPASSWORD }}}" -jar /home/dockstore-webservice-*.jar db migrate web.yml --include 1.3.0.generated,1.3.1.consistency,1.4.0,1.5.0,1.6.0,1.7.0 | tee --append /dockstore_logs/webservice.out |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Related to comments in #483, the /home
directory should not contain anything except home directories for users on the system. This jar should be in /home/<username>/.
(probably ubuntu, but not sure what kind of container this script is being run in).
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is in the /home
directory because the webservice Dockerfile put it there: https://github.com/dockstore/dockstore/blob/develop/Dockerfile#L19. The docker-compose file also puts things in the /home
directory: https://github.com/dockstore/compose_setup/blob/develop/docker-compose.yml#L25. Should I be making changes to fix that?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
FWIW, the home
directory thing is Linux best practice. That said, since this seems to be already in use in our various environments (and for a while), I would split this out the a new ticket to use /home
properly and systematically (not 100% sure, it makes sense for Docker anyway)
templates/web.yml.template
Outdated
@@ -29,7 +29,7 @@ zenodoUrl: {{ ZENODO_URL }} | |||
orcidClientID: {{ ORCID_CLIENT_ID }} | |||
orcidClientSecret: {{ ORCID_CLIENT_SECRET }} | |||
|
|||
gitHubAppPrivateKeyFile: /home/dockstore_github_app_private_key.pem | |||
gitHubAppPrivateKeyFile: /home/github-key/dockstore-github-private-key.pem |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The way this reads, you have a user named github-key
and the only reason they exist is so their home directory can contain a .pem
key. The problem is, /home/
is being used as a home directory, but the home directory should be /home/<username>
.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I changed this to the /dockstore/github-key
directory: 587358c
SEAB-4096
This PR introduces changes that are needed by the Fargate Dockstore stack (https://github.com/dockstore/dockstore-deploy/pull/478).
I added a
IS_FARGATE_DEPLOY
key which allowsinstall_bootstrap
to create the config files in a way that can be used by the fargate deploy. The regular docker-compose deploy should be unaffected.Changes:
gitHubAppPrivateKeyFile
path is slightly changed in web.ymltemplates/default.nginx_http.conf.template
,$webservice
is set to127.0.0.1
for Fargate deploy because containers that belong to the same task can communicate over the localhost interface.init_migrations
andinit_webservice
because the respective scripts are not in the same directory as the jar