Docker deployment support

[meetwudi]

Add docker support (see #450).

Couple things to note:

• I removed imagemin task in grunt since
  • It is obsolete and cannot be downloaded anymore (at least on my side). It can block building so I removed it.
  • It is useless, I mean, in re:dash
• Example docker-compose.yaml is added.
• Made service listen on 0.0.0.0 instead of only 127.0.0.1. So docker containers can accept incoming traffic then.

[arikfr]

Is there a reason to use Debian and not Ubuntu as the base image?

[arikfr]

Thanks, @tjwudi ! This is much appreciated (and long awaited).

I've left some comments.

[meetwudi]

Also, @arikfr is it a good practice to use db containers? Since files modified will be discarded when container stops, then all data will be lost if we do not commit the container regularly.

[meetwudi]

Updated!

[arikfr]

@tjwudi that's what data volumes are for: https://docs.docker.com/userguide/dockervolumes/

[arikfr]

This line is probably not needed. I had some issues with AWS Ubuntu images, and added it. But normally everything should work fine without it.

[meetwudi]

Which line is it? GitHub didn't point out which one exactly

[arikfr]

RUN apt-get dist-upgrade

[meetwudi]

@arikfr then probably add data volumes in docker-compose-example.yaml?

[arthurpsmith]

FYI below is the docker-compose.yml file I've been using with success. Some notes on differences:

• No need to expose the ports on the redis and postgres containers - these are automatically available to the redash container via the link, they do not need to be exposed on the docker host machine.
• with a POSTGRES_PASSWORD environment variable, the default admin user (postgres) on the postgres server can be accessed by username/password authentication. In my "redash_start.sh" script I have a line export PGPASSWORD=${POSTGRES_PASSWORD} when I need to log in as the postgres user via psql (ie. psql -h postgres -U postgres postgres ... works by pulling the password from the environment).
• Uses a volume on the host to have a persistent database between updates of the postgres container. A different volume choice might be suitable depending on your needs.
• exposes the redash port (5000) via a port map on the host. If you want nginx in front you could, (that would be one more container with the nginx image + a custom config file) but it doesn't seem needed.

redis:
  image: redis

postgres:
  image: postgres
  environment:
    POSTGRES_PASSWORD: xxxxxxxx
  volumes:
   - /opt/postgres-data:/var/lib/postgresql/data

redash:
  build: .
  container_name: redash
  links:
   - redis
   - postgres 
  environment:
    POSTGRES_PASSWORD: xxxxxxxx
  ports:
   - "8080:5000"

[bobrik]

I played with re:dash a bit and decided that it's nice to split celery and web into separate containers. It's easier to run on marathon and scale this way and you don't have to mess with init systems.

[meetwudi]

So I decided to create a separate image for redash nginx. It's now live on https://hub.docker.com/r/tjwudi/redash-nginx/ and repo https://github.com/tjwudi/redash-nginx.

[arikfr]

Why not keep the Dockerfile and nginx.conf for the nginx image in this
repo? It will make it easier to manage access and edit Docker related
configuration.

Also make sure to add daemon off directive to nginx.conf.
On Oct 8, 2015 9:34 PM, "John Wu" notifications@github.com wrote:

So I decided to create a separate image for redash nginx. It's now live on
https://hub.docker.com/r/tjwudi/redash-nginx/ and repo
https://github.com/tjwudi/redash-nginx.

—
Reply to this email directly or view it on GitHub
#588 (comment).

[meetwudi]

@arikfr Also makes sense. Though I prefer one image one repo, I can do it if that is what you guys want :)

[meetwudi]

@arikfr daemon is off by default

[meetwudi]

Well the thing is, the latest build does not contain supervisord_docker.conf so it can fail if you try to build. Anyway, it is now downloading from latest build instead :)

[meetwudi]

@bobrik Separating celery is definitely what we want to do next, but probably in another branch maybe? b/c I don't know the complexity to do it yet.

[arikfr]

I agree that we can split the images in another iteration/branch. Also the resulting image can still be used without the supervisord with custom run command.

[arikfr]

Unless in newer versions of nginx those options are on by default worth adding to the server directive:

  gzip on;
  gzip_types *;
  gzip_proxied any;

and to the location / directive:

    proxy_set_header Host $http_host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;

[meetwudi]

Thanks for this!

[arikfr]

this is no longer used.

[meetwudi]

Removed :)

[landscape-bot]

Repository health increased by 0.45% when pulling e19962d on tjwudi:diwu/feature/docker-deployment into 5d1c75d on EverythingMe:master.

• 14 new problems were found (including 0 errors and 14 code smells).
• 14 problems were fixed (including 0 errors and 14 code smells).

[arikfr]

Merged. I will probably tweak it some more myself, to make it work with CI and everything.

Thanks a lot for the effort making this and patience during the review. :-) 👍

[meetwudi]

My pleasure. Learned a lot here. Will go on contributing :) @arikfr ++

[arikfr]

Awesome 👍

[meetwudi]

@arikfr are you working on separating celery tasks? If not, I am happy to take over.

[arikfr]

@tjwudi you mean having Celery and gunicorn in separate containers?