The intention here is not just to make it easy to spin up an environment but also to document what is needed.
AWS and DigitalOcean access tokens:
export TF_VAR_aws_access_key_id=foo
export TF_VAR_aws_secret_key=foo
export TF_VAR_do_token=digital-ocean-api-tokenWe use Packer to create machine images for the cljdoc server. All
required files can be found in ./image/. The images are based on CentOS 7.
On top of the base OS the following things are added:
-
Docker
-
Nomad
-
Consul
For details see configuration and Systemd service files in conf/. All
code that is ran to prepare the image can be found in nomad.packer.json.
We use Terraform to create various resources on AWS and DigitalOcean:
-
an S3 bucket for cljdoc releases (+ user & key)
-
an S3 bucket for cljdoc backups (+ user & key)
-
a DigitalOcean droplet to run cljdoc
-
a Route53 HostedZone for domain supplied in the configuration
-
a HostedZone RecordSet to point the domain to the droplet
|
Note
|
The used domain can be customized in cljdoc.tfvars. The domain will
not be bought and it is expected that the domain’s nameserver are set to
the nameservers of the Route53 HostedZone, which are part of the
outputs.
|
|
Note
|
These commands require the environment variables mentioned in Prerequisites to be set. |
cd ops/infrastructure
terraform plan -var-file cljdoc.tfvars
terraform apply -var-file cljdoc.tfvars
terraform refresh -var-file cljdoc.tfvarsRetrieving outputs:
terraform output
terraform output -json
terraform output main_ipcd ops/docker
make imageThis will package the cljdoc application in a Docker container. A tag will be determined
based on number of commits, branch and commit SHA. Images are published to Docker Hub during
CI. See .circleci/config.yml.
To deploy the cljdoc service to the provisioned infrastructure we use Nomad. While Nomad also provides a convenient CLI interface it has proven easier to generate Nomad job specs using Clojure and submit them to the Nomad server via HTTP.
The code to do this can be found in modules/deploy.
To run it the following commands can be used:
cd modules/deploy/
docker_tag=$(../../script/version.sh)
clojure -m cljdoc.deploy deploy --docker-tag $docker_tagThis will fail unless the cljdoc Docker repository has an image with the provided tag. The tag names are determined based on Git commit count, branch and HEAD and images are pushed to Docker Hub as part of CI.
./ops/nomad.shThe script above will launch an SSH process forwarding port 4646 and 8500 from the host
specified by main_ip in the Terraform outputs.
With Nomad installed you can now run nomad comands like the following:
nomad status cljdoc
nomad alloc logs -f 683ade58
nomad deployment listSee backup.sh and restore.sh.
Restoring from backups stored on S3:
data_dir="/data/cljdoc/"
curl https://s3.amazonaws.com/cljdoc-backups/backup-2018-12-12.tar.gz -o backup.tar.gz
tar -xf backup.tar.gz -C "${data_dir}"
rm backup.tar.gzTraefik generates SSL certificates on demand but seems to have minor bugs here and there. If we need to drop Traefik for some reason we could look into acme.sh: