Formed in 2009, the Archive Team (not to be confused with the archive.org Archive-It Team) is a rogue archivist collective dedicated to saving copies of rapidly dying or deleted websites for the sake of history and digital heritage. The group is 100% composed of volunteers and interested parties, and has expanded into a large amount of related projects for saving online and digital history.
Join GitHub today
GitHub is home to over 50 million developers working together to host and review code, manage projects, and build software together.
Sign upAdded Ingress specific changes (backwards compatible) #96
Conversation
|
@icyflame @amrav @thealphadollar Please review. |
|
Thanks @grapheo12 for the PR and all the amazing work on Ingress |
|
This PR is removing the exposure of one container port to the host. So, deploying this would bring the wiki down? Or does
This is the current network diagram. In this diagram, this PR will remove the link between host and Nginx container.
Can you elaborate what you are trying to say here? We should avoid any manual step (even one-time steps) to ensure that we can bring the wiki up from scratch with just docker-compose. I think we should expose to some port on the host and the ingress can expose that host port to the world. We can use UFW to ensure that only one world facing port exists. |
| ports: | ||
| - "${SERVER_PORT:-8080}:80" | ||
| networks: | ||
| nginx-network: |
icyflame
Sep 1, 2020
Member
I am not sure how this is backward compatible? I think we have to stop the wiki server. Implement this change, then bring the ingress up and restart service?
I am not sure how this is backward compatible? I think we have to stop the wiki server. Implement this change, then bring the ingress up and restart service?
grapheo12
Sep 1, 2020
Author
Contributor
Yeah actually I meant backwards compatible in a loose sense as this will not do much change to the way wiki works now.
Yeah actually I meant backwards compatible in a loose sense as this will not do much change to the way wiki works now.
|
Changing review state; |
I meant just as you restart the containers now, after this PR, there would be almost no change to how that happens. |
|
In our current plan, there is only one port exposed to the host, and that is the port 80 of Ingress. Please check out: grapheo12/ingress@a069047 If you think this might not be a good idea, do tell us what to change. |
|
@grapheo12 Yes, sorry, I don't think it's a good idea to make the addition of a command line option required. This requires quite a bit of explanation and I would like to avoid those kind of gotchas if possible. This is my proposal:
Here's a list of pros and cons I could think of. I can't think of any other cons, please add any that of
What do you think about this approach? |
|
This was what Ingress initially did. And then we moved to docker networks. We then have to rollback ingress. |
|
@icyflame Do you think it is pro for the network that they ingress cannot be started without wiki and iqps containers running? I think this loose coupling will help avoid issues. One con, a trivial one for our case, for networks is that bridge networks are slower compared to host network. Anyways, it was my suggestion to use docker networks since I preferred to not expose ports to the system for this loose coupling and in general to avoid usage of ports that could be used by some other application. My apologies @grapheo12 for increasing the work for you. I especially like the tests part and then these containers can be run independently as well. Can we please roll the docker-networks back? I'm really sorry for the extra work you had to do |
|
Ah, I see, I didn't follow the conversation closely about moving to docker networks closely. Sorry about the back and forth on this, Shubham!
The ingress can be started, it won't work because the underlying service is not up but the ingress will be up and do it's job. Essentially, the ingress, wiki and iqps are completely independent.
Yes, exactly Yes, I agree with your assessment that this will not affect us significantly.
I can't tell what unit the latency is in here, but either way, it doesn't matter because the difference is about 10-20% |
After @thealphadollar 's changes to ingress, there were some problems which I corrected.
After testing, I came up with this simple config:
Now we do not need to specify ports for wiki. It can listen to port 80. However, we need a fixed container name (which this PR fixes) and a fixed network name (also ensured by this PR and partly ensured by the naming convention of docker-compose).
See the current ingress docker-compose for the use of
metakgp-wiki_nginx-network.This makes the changes backwards compatible, meaning, even without Ingress, wiki would run without any change to the docker-compose file. Just then port forwarding has to be done manually.
If this is merged, #95 would become stale.