The purpose of this project is to create a universal boilerplate for web projects that would allow kickstarting a project in a matter of seconds having an infrastructure of enterprise standards. POC for a project might take hours, when deployment, setup of monitoring and logging sometimes takes days. This boilerplate have all the nessesary parts set up and available in matter of seconds without any sophisticated configuration.
It goes with two subdomain-environments preconfigured, yet the architecture poses no limitation on the number of environments.
Quick and straightforward install: initial configuration takes a few minutes, no bash scripts involved.
Everything is contained in Docker containers managed by Swarm. It doesn't need additional maintenance to run.
Due to the application's limited exposure, there are few security concerns. Services are not exposed to the public network and all external calls are routed through a single Nginx reverse proxy.
The boilerplate contains all the necessary tools:
-
a private registry;
-
an instance of Portainer to manage and deploy services;
-
a monitoring stack combining Prometheus, cAdvisor, Node Exporter, and Grafana;
- Ubuntu 20 LTS
- sudo access
TBD
Install Docker:
curl -fsSL get.docker.com -o get-docker.sh && \
CHANNEL=stable sh get-docker.sh && \
rm get-docker.shGet your kernel name:
uname -sGet your architecture:
uname -mReplace <dist> with your kernel name and <arch> with your architecture and install Docker Compose:
sudo curl -L "https://github.com/docker/compose/releases/latest/download/docker-compose-<dist>-<arch>" -o /usr/local/bin/docker-compose && \
sudo mv /usr/local/bin/docker-compose /usr/bin/docker-compose && \
sudo chmod +x /usr/bin/docker-composeStart the swarm and save advertised address to join worker nodes:
docker swarm initInstall Docker:
curl -fsSL get.docker.com -o get-docker.sh && \
CHANNEL=stable sh get-docker.sh && \
rm get-docker.shJoin the swarm replacing the <token> and <ip> with values provided during the manager setup
docker swarm join --token <token> <ip># App domain name (without www, slashes or scheme)
export APP_DOMAIN=notifio.io
# An arbitrary string to tag app's images
export APP_VERSION=0.1.0-beta
# App dev VPN IP address
export APP_DEV_VPN_ADDRESS=1.1.1.1
#
export APP_CERTS_HOST_LOCATION=/etc/letsencrypt
#
export APP_CERTS_CONTAINER_LOCATION=/etc/letsencrypt
# Including APP_CERTS_CONTAINER_LOCATION
export APP_CERTIFICATE_PATH=${APP_CERTS_CONTAINER_LOCATION}/live/notifio.io/fullchain.pem
# Including APP_CERTS_CONTAINER_LOCATION
export APP_CERTIFICATE_KEY_PATH=${APP_CERTS_CONTAINER_LOCATION}/live/notifio.io/privkey.pemAll commands to be executed from manager node.
Clone the repository and open the project:
git clone https://github.com/mikhail-ev/notifio.io.git
cd notifio.io # TODO changeCreate a routing network:
docker network create -d overlay routingReplace user and passwd with your username and password and generate htpasswd file for the registry:
docker run -v /root/registry:/root/registry --entrypoint htpasswd httpd:2 -Bbc /root/registry/htpassword user passwdDeploy the infra stack:
docker stack deploy --compose-file stacks/infra/docker-compose.yml infraDeploy the monitoring stack:
docker stack deploy --compose-file stacks/monitoring/docker-compose.yml monitoringReplace the username and password with the credentials you used to generate htpasswd file and login to registry:
docker login -u username -p password registry.notifio.ioOpen the application stack in the shell:
cd stacks/appSet the app's version:
export APP_VERSION=0.0.1-betaBuild docker images:
docker compose buildPush docker images:
docker compose pushNow, deploy the staging stack:
docker stack deploy --compose-file docker-compose.yml --with-registry-auth stagingAnd deploy the production stack:
docker stack deploy --compose-file docker-compose.yml --with-registry-auth productionTBD
TBD
- Split
stagingenv into multiple on-demand environments of the second level - Set consistent naming among networks