try demo deploy update #825

opendp · Aug 21, 2023 · ad1ebce · ad1ebce
1 parent 7c63600
commit ad1ebce
Show file tree

Hide file tree

Showing 5 changed files with 348 additions and 28 deletions.
diff --git a/deploy/README.md b/deploy/README.md
@@ -41,7 +41,7 @@ Deployment currently requires the building of two Docker images:
 Set an environment variable called "today" of the form YYYY-MMDD. We will use this throughout the deploy:
 ```
 # Example: (use today's date)
-export today=2022-0717
+export today=2023-0821
 ```
 
 ### (A) DPCreator app

diff --git a/deploy/k8s_maker/dpcreator_specs_01.py b/deploy/k8s_maker/dpcreator_specs_01.py
@@ -7,7 +7,7 @@
                 #
                 dpcreator_app_container="ghcr.io/opendp/dpcreator/app",     # app image (server + compiled Vue.js)
                 dpcreator_nginx_container="ghcr.io/opendp/dpcreator/nginx",  # Nginx image
-                dpcreator_container_tag="2022-0719",  # "latest",  # Tag for Images
+                dpcreator_container_tag="2023-0821",  # "latest",  # Tag for Images
                 #
                 DEFAULT_FROM_EMAIL='info@opendp.org',  # Related to the Sendgrid API call
                 #

diff --git a/deploy/k8s_maker/make_k8s.py b/deploy/k8s_maker/make_k8s.py
@@ -22,5 +22,5 @@ def make_k8s_template(specs, output_prefix=''):
 
 if __name__ == '__main__':
     # make_k8s_template()
-    make_k8s_template(dpcreator_specs.specs_dev_dpcreator_org, output_prefix='dev.')
+    # make_k8s_template(dpcreator_specs.specs_dev_dpcreator_org, output_prefix='dev.')
     make_k8s_template(dpcreator_specs.specs_demo_dpcreator_org, output_prefix='demo.')
diff --git a/deploy/k8s_maker/rendered/demo.dpcreator.org_08_2023_0821.yaml b/deploy/k8s_maker/rendered/demo.dpcreator.org_08_2023_0821.yaml
@@ -0,0 +1,344 @@
+---
+# reference: https://github.com/kubernetes-operators-book/chapters/blob/master/ch05/database.yaml
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: dpcreator-db-data-configmap-demo
+data:
+  #
+  # Database settings for postgres and Django
+  #
+  #
+  # DB_HOST Should be the same as the service name at the end of this file:
+  DB_HOST: "dpcreator-postgres-service-demo"
+  DB_PORT: "5432"
+  DB_ENGINE: "django.db.backends.postgresql_psycopg2"
+  #
+  # These two variables should have the same value (kludge):
+  POSTGRES_DB: "db_dpcreator"
+  DB_NAME: "db_dpcreator"
+---
+# ---------------------------
+# DPCreator - Postgres Deployment
+# ---------------------------
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: dpcreator-database-demo
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: dpcreator-demo
+      tier: postgres
+  template:
+    metadata:
+      labels:
+        app: dpcreator-demo
+        tier: postgres
+    spec:
+      volumes:
+        # Persistent Disk space to store Postgres files
+        #  Used by dpcreator-postgres container
+        #- name: postgres-persistent-volume
+        #  azureDisk:
+        #    kind: Managed
+        #    diskName: dpcreator-postgres-02
+        #    diskURI: /subscriptions/14d2f886-16d9-4a5b-87f0-7aa1c4608026/resourceGroups/MC_DPCreatorResourceGroup_DPCreatorCluster01_eastus/providers/Microsoft.Compute/disks/dpcreator-postgres-02
+      containers:
+        - name: dpcreator-postgres-demo
+          image: postgres:13
+          imagePullPolicy: Always
+          ports:
+            - name: postgres-port
+              containerPort: 5432
+              protocol: TCP
+          # Persistent Disk space to store Postgres files
+          #volumeMounts:
+          #- name: postgres-persistent-volume
+          #  mountPath: /var/lib/postgresql/data
+          envFrom:
+          - configMapRef:
+              name: dpcreator-db-data-configmap-demo
+          env:
+            - name: POSTGRES_USER
+              valueFrom:
+                secretKeyRef:
+                  name: postgres-auth-secret
+                  key: db_username
+            - name: POSTGRES_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: postgres-auth-secret
+                  key: db_password
+---
+# ---------------------------
+# DPCreator - Postgres Service
+# ---------------------------
+apiVersion: v1
+kind: Service
+metadata:
+  name: dpcreator-postgres-service-demo
+  labels:
+    app: dpcreator-demo
+    tier: postgres
+spec:
+  clusterIP: None
+  ports:
+    - port: 5432
+  selector:
+    app: dpcreator-demo
+    tier: postgres
+---
+# ----------------------------------------
+# Configmap used for:
+#  dpcreator-app, dpcreator-celery
+# ----------------------------------------
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: dpcreator-app-configmap-demo
+data:
+  #
+  STATIC_ROOT: "/dpcreator_volume/static/dist"
+  STATIC_URL: "/static/dist/"
+  UPLOADED_FILE_STORAGE_ROOT: "/dpcreator_user_data"
+  RELEASE_FILE_STORAGE_ROOT: "/dpcreator_release_data"
+  #
+  # Should match the NGINX_MAX_UPLOAD_SIZE
+  # ref: https://docs.djangoproject.com/en/3.2/ref/settings/#std:setting-DATA_UPLOAD_MAX_MEMORY_SIZE
+  #  20971520 bytes = 20MB
+  DATA_UPLOAD_MAX_MEMORY_SIZE: "20971520"
+  #
+  # Set to default of 2.5MB
+  # ref: https://docs.djangoproject.com/en/3.2/ref/settings/#std:setting-FILE_UPLOAD_MAX_MEMORY_SIZE
+  FILE_UPLOAD_MAX_MEMORY_SIZE: "2621440"
+  #
+  # Require email verification for account creation
+  ACCOUNT_EMAIL_VERIFICATION: "mandatory"
+  #
+  DEFAULT_FROM_EMAIL: "info@opendp.org"
+  #
+  #
+  VUE_APP_GOOGLE_CLIENT_ID: "750757442540-4bg3aulcrm802i8pguo851lq8kikf5ge.apps.googleusercontent.com"
+  VUE_APP_ADOBE_PDF_CLIENT_ID: "44937032e26b4033a840626ed0cd8e79"
+  VUE_APP_WEBSOCKET_PREFIX: "wss://"
+  #
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: dpcreator-app-demo
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: dpcreator-demo
+      tier: app
+  template:
+    metadata:
+      labels:
+        app: dpcreator-demo
+        tier: app
+    spec:
+      #restartPolicy: Always
+      volumes:
+        - name: dpcreator-volume-demo
+          emptyDir: {}
+          # azureDisk:
+          #  kind: Managed
+          #  diskName: storage-dpcreator-files
+          #  diskURI:
+      containers:
+        # -------------------------------------------------
+        # (1) Nginx frontend: Separate requests to static files vs. Django app
+        # -------------------------------------------------
+        - name: dpcreator-nginx
+          image: ghcr.io/opendp/dpcreator/nginx:2023-0821
+          imagePullPolicy: Always
+          ports:
+            - containerPort: 80
+              name: http
+              protocol: TCP
+          volumeMounts:
+            # ----------------------------------
+            # shared between containers
+            # ----------------------------------
+            - name: dpcreator-volume-demo
+              mountPath: /dpcreator_volume
+              #subPath: 2ravens_org-apricot
+              #readOnly: true
+          #envFrom:
+          #  - configMapRef:
+          #      name: ravens-django-config-apricot
+        # -------------------------------------------------
+        # (2) Redis
+        # -------------------------------------------------
+        - name: redis
+          image: redis:6
+          imagePullPolicy: Always
+          ports:
+            - containerPort: 6379
+        # -------------------------------------------------
+        # (3) Core application: Django + bundled static files
+        # -------------------------------------------------
+        - name: dpcreator-app
+          image: ghcr.io/opendp/dpcreator/app:2023-0821
+          imagePullPolicy: Always
+          command: [ "azure_demo.dpcreator.org.sh" ]
+          #command: [ "/bin/sh" ]
+          # args: [ "-c", "./migrate.sh && python manage.py runserver 0.0.0.0:8000"]
+          ports:
+            - name: dpcreator
+              containerPort: 8000
+              protocol: TCP
+          volumeMounts:
+            # ----------------------------------
+            # shared between containers
+            # ----------------------------------
+            - name: dpcreator-volume-demo
+              mountPath: /dpcreator_volume
+              #subPath: 2ravens_org-apricot
+              #readOnly: false
+          envFrom:
+          - configMapRef:
+              name: dpcreator-db-data-configmap-demo
+          - configMapRef:
+              name: dpcreator-app-configmap-demo
+          env:
+            # Same storage roots on dpcreator-app and celery-worker
+            #
+            - name: UPLOADED_FILE_STORAGE_ROOT
+              value: /dpcreator_volume/private/user_uploaded_data
+            - name: RELEASE_FILE_STORAGE_ROOT
+              value: /dpcreator_volume/public/release_files
+            # ----------------------------------------------------
+            - name: DJANGO_SETTINGS_MODULE
+              value: opendp_project.settings.azure_test_01
+            - name: ALLOWED_HOSTS
+              value: "13.82.125.69,demo.dpcreator.org,127.0.0.1,0.0.0.0"
+            - name: DB_USER
+              valueFrom:
+                secretKeyRef:
+                  name: postgres-auth-secret
+                  key: db_username
+            - name: DB_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: postgres-auth-secret
+                  key: db_password
+            - name: SECRET_KEY
+              valueFrom:
+                secretKeyRef:
+                  name: dpcreator-app-secrets
+                  key: SECRET_KEY
+            - name: CRYPTOGRAPHY_KEY
+              valueFrom:
+                secretKeyRef:
+                  name: dpcreator-app-secrets
+                  key: CRYPTOGRAPHY_KEY
+            - name: SENDGRID_API_KEY
+              valueFrom:
+                secretKeyRef:
+                  name: dpcreator-app-secrets
+                  key: SENDGRID_API_KEY
+            - name: DJANGO_ADMIN_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: dpcreator-app-secrets
+                  key: DJANGO_ADMIN_PASSWORD
+            - name: USER_DEPOSITOR_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: dpcreator-app-secrets
+                  key: USER_DEPOSITOR_PASSWORD
+            - name: USER_ANALYST_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: dpcreator-app-secrets
+                  key: USER_ANALYST_PASSWORD
+        # -------------------------------------------------
+        # (4) Celery Queue - same image/settings as except for "command"
+        # -------------------------------------------------
+        - name: celery-worker
+          image: ghcr.io/opendp/dpcreator/app:2023-0821
+          imagePullPolicy: Always
+          command: ['celery', '-A', 'opendp_project', 'worker', '-l', 'info', '-n', 'worker_dpcreator']
+          ports:
+            - name: dpcreator
+              containerPort: 8080
+              protocol: TCP
+          volumeMounts:
+            # ----------------------------------
+            # shared between containers
+            # ----------------------------------
+            - name: dpcreator-volume-demo
+              mountPath: /dpcreator_volume
+              #subPath: 2ravens_org-apricot
+              #readOnly: false
+          envFrom:
+          - configMapRef:
+              name: dpcreator-db-data-configmap-demo
+          - configMapRef:
+              name: dpcreator-app-configmap-demo
+          env:
+            # Same storage roots on dpcreator-app and celery-worker
+            #
+            - name: UPLOADED_FILE_STORAGE_ROOT
+              value: /dpcreator_volume/private/user_uploaded_data
+            - name: RELEASE_FILE_STORAGE_ROOT
+              value: /dpcreator_volume/public/release_files
+            - name: DJANGO_SETTINGS_MODULE
+              value: opendp_project.settings.azure_test_01
+            # ----------------------------------------------------
+            - name: ALLOWED_HOSTS
+              value: "13.82.125.69,demo.dpcreator.org,127.0.0.1,0.0.0.0"
+            - name: DB_USER
+              valueFrom:
+                secretKeyRef:
+                  name: postgres-auth-secret
+                  key: db_username
+            - name: DB_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: postgres-auth-secret
+                  key: db_password
+            - name: SECRET_KEY
+              valueFrom:
+                secretKeyRef:
+                  name: dpcreator-app-secrets
+                  key: SECRET_KEY
+            - name: CRYPTOGRAPHY_KEY
+              valueFrom:
+                secretKeyRef:
+                  name: dpcreator-app-secrets
+                  key: CRYPTOGRAPHY_KEY
+            - name: SENDGRID_API_KEY
+              valueFrom:
+                secretKeyRef:
+                  name: dpcreator-app-secrets
+                  key: SENDGRID_API_KEY
+---
+# ---------------------------
+# DPCreator - Service
+# ---------------------------
+apiVersion: v1
+kind: Service
+metadata:
+  name: dpcreator-load-balancer-demo
+  labels:
+    app: dpcreator-demo
+    tier: load-balancer
+spec:
+  type: LoadBalancer
+  # IP mapped to dpcreator.2ravens.org
+  loadBalancerIP: 13.82.125.69
+  selector:
+    app: dpcreator-demo
+    tier: app
+  ports:
+  - port: 80
+    # nginx port ->
+    targetPort: 80
+    # test - right to dpcreator-app port
+    #targetPort: 8000
diff --git a/server/templates/base-vue.html b/server/templates/base-vue.html
@@ -1,25 +1 @@
-<!DOCTYPE html>
-<html lang="en">
-<head>
-    <meta charset="utf-8">
-    <meta http-equiv="X-UA-Compatible" content="IE=edge">
-    <meta name="viewport" content="width=device-width,initial-scale=1.0">
-    <link rel="icon" href="http://127.0.0.1:8080/favicon.ico">
-    <title>client</title>
-    <link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900">
-    <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/@mdi/font@latest/css/materialdesignicons.min.css">
-    <script src="https://apis.google.com/js/api:client.js"></script>
-    <!-- JS update 1/3/23 --><script src="https://documentservices.adobe.com/view-sdk/viewer.js"></script>
-<body>
-<noscript>
-    <strong>We're sorry but client doesn't work properly without JavaScript enabled.
-        Please enable it to continue.</strong>
-</noscript>
-<div id="app"></div>
-<!-- built files will be auto injected -->
-<script type="text/javascript" src="http://127.0.0.1:8080/js/chunk-vendors.js">
-
-</script>
-<script type="text/javascript" src="http://127.0.0.1:8080/js/app.js"></script>
-</body>
-</html>
+<!doctype html><html lang="en"><head><meta charset="utf-8"><meta http-equiv="X-UA-Compatible" content="IE=edge"><meta name="viewport" content="width=device-width,initial-scale=1"><link rel="icon" href="/static/dist/favicon.ico"><title>client</title><link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900"><link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/@mdi/font@latest/css/materialdesignicons.min.css"><script src="https://apis.google.com/js/api:client.js"></script><script src="https://documentcloud.adobe.com/view-sdk/viewer.js"></script><script defer="defer" src="/static/dist/js/chunk-vendors.86df7d53.js"></script><script defer="defer" src="/static/dist/js/app.539e049c.js"></script><link href="/static/dist/css/chunk-vendors.3e70d651.css" rel="stylesheet"><link href="/static/dist/css/app.f6864e4c.css" rel="stylesheet"></head><body><noscript><strong>We're sorry but client doesn't work properly without JavaScript enabled. Please enable it to continue.</strong></noscript><div id="app"></div></body></html>