Changes for Fargate Dockstore deploy #225
Conversation
kathy-t
requested review from
david4096,
coverbeck,
denis-yuen,
svonworl,
chmreid and
Richard-Hansen
and removed request for
david4096 and
coverbeck
| @@ -2,6 +2,6 @@ | |||
|
|
|||
| cd "$(dirname "$0")" | |||
|
|
|||
| java -XX:MaxRAMPercentage=50.0 -XX:+ExitOnOutOfMemoryError -jar dockstore-webservice-*.jar server web.yml | tee --append /dockstore_logs/webservice.out | |||
| java -XX:MaxRAMPercentage=50.0 -XX:+ExitOnOutOfMemoryError -jar /home/dockstore-webservice-*.jar server web.yml | tee --append /dockstore_logs/webservice.out | |||
There was a problem hiding this comment.
I think the 50% is a holdover from when we had ElasticSearch and Postgres running on the same machine. We probably should have raised this for EC2 (and could maybe have brought down the instance size in conjunction with that).
But not to digress from the Fargate PR, that could be tackled separately... Should we be setting this at all for Fargate? I don't know, just asking.
There was a problem hiding this comment.
Hmmm, also Nextflow but yes. I suspect we can tune this for Fargate with some performance testing.
It probably should be a spin-off ticket to be tackled, much later.
There was a problem hiding this comment.
Ah, right forgot about Nextflow... we probably don't want to go too much higher after all, at least not in the EC2 world.
|
Marking this as ready for review because the corresponding dockstore-deploy PR https://github.com/dockstore/dockstore-deploy/pull/478 is ready for review |
| @@ -4,12 +4,12 @@ | |||
| cd "$(dirname "$0")" | |||
|
|
|||
| {{#DATABASE_GENERATED}} | |||
| java -Ddw.database.user=postgres -Ddw.database.password="{{{ POSTGRES_DBPASSWORD }}}" -jar dockstore-webservice-*.jar db migrate web.yml --include 1.3.0.generated,1.3.1.consistency,1.4.0,1.5.0,1.6.0,1.7.0 | tee --append /dockstore_logs/webservice.out | |||
| java -Ddw.database.user=postgres -Ddw.database.password="{{{ POSTGRES_DBPASSWORD }}}" -jar /home/dockstore-webservice-*.jar db migrate web.yml --include 1.3.0.generated,1.3.1.consistency,1.4.0,1.5.0,1.6.0,1.7.0 | tee --append /dockstore_logs/webservice.out | |||
There was a problem hiding this comment.
Related to comments in #483, the /home directory should not contain anything except home directories for users on the system. This jar should be in /home/<username>/. (probably ubuntu, but not sure what kind of container this script is being run in).
There was a problem hiding this comment.
This is in the /home directory because the webservice Dockerfile put it there: https://github.com/dockstore/dockstore/blob/develop/Dockerfile#L19. The docker-compose file also puts things in the /home directory: https://github.com/dockstore/compose_setup/blob/develop/docker-compose.yml#L25. Should I be making changes to fix that?
There was a problem hiding this comment.
FWIW, the home directory thing is Linux best practice. That said, since this seems to be already in use in our various environments (and for a while), I would split this out the a new ticket to use /home properly and systematically (not 100% sure, it makes sense for Docker anyway)
templates/web.yml.template
Outdated
| @@ -29,7 +29,7 @@ zenodoUrl: {{ ZENODO_URL }} | |||
| orcidClientID: {{ ORCID_CLIENT_ID }} | |||
| orcidClientSecret: {{ ORCID_CLIENT_SECRET }} | |||
|
|
|||
| gitHubAppPrivateKeyFile: /home/dockstore_github_app_private_key.pem | |||
| gitHubAppPrivateKeyFile: /home/github-key/dockstore-github-private-key.pem | |||
There was a problem hiding this comment.
The way this reads, you have a user named github-key and the only reason they exist is so their home directory can contain a .pem key. The problem is, /home/ is being used as a home directory, but the home directory should be /home/<username>.
There was a problem hiding this comment.
I changed this to the /dockstore/github-key directory: 587358c
SEAB-4096
This PR introduces changes that are needed by the Fargate Dockstore stack (https://github.com/dockstore/dockstore-deploy/pull/478).
I added a
IS_FARGATE_DEPLOYkey which allowsinstall_bootstrapto create the config files in a way that can be used by the fargate deploy. The regular docker-compose deploy should be unaffected.Changes:
gitHubAppPrivateKeyFilepath is slightly changed in web.ymltemplates/default.nginx_http.conf.template,$webserviceis set to127.0.0.1for Fargate deploy because containers that belong to the same task can communicate over the localhost interface.init_migrationsandinit_webservicebecause the respective scripts are not in the same directory as the jar