Explain how to isolate your deployment
This commit is contained in:
parent
f74bef8ee5
commit
0dc88b332f
24
README.md
24
README.md
@ -43,6 +43,26 @@ deployments on the same server. This is explained in the [Compose file section](
|
||||
The complete URL where the system can be accessed.
|
||||
|
||||
## Compose file
|
||||
### Isolation
|
||||
Since there are multiple deployments on the same server, it is important to isolate your services from others.
|
||||
There are two primary things that need to be isolated, container names and networks.
|
||||
|
||||
Container names are dealt with by *not* specifying a `container_name` for the services in the Compose file. This will
|
||||
make Docker Compose generate a name for each container based on the project name and service name and since this action
|
||||
takes care to set a unique project name for each deployment, the container names will be unique.
|
||||
|
||||
> [!IMPORTANT]
|
||||
> Do *not* specify a `container_name` for a service in the Compose file.
|
||||
|
||||
When containers talk directly to each other they need to be on the same network. They are referenced using the service
|
||||
name as the hostname. Since it is impossible to know what every service will be named you must define your own network
|
||||
(separate from the Traefik network) for inter-service communication. Networks need to have unique names so generate a
|
||||
name based on `${COMPOSE_PROJECT_NAME}`.
|
||||
|
||||
> [!IMPORTANT]
|
||||
> Define your own network for inter-service communication.
|
||||
|
||||
### Traefik
|
||||
On branch.dsv.su.se there is a [Traefik proxy](https://traefik.io/traefik/) running in the Docker environment that takes care of routing traffic to your containers based on the HTTP host used. As such, your containers should *not* have host port bindings.
|
||||
|
||||
> [!IMPORTANT]
|
||||
@ -79,7 +99,7 @@ networks:
|
||||
|
||||
Not all your services should join this network, but you still want them to be able to communicate with each other. For that you should define a second network used by those services that need to communicate.
|
||||
|
||||
### <router name> in the Traefik labels
|
||||
#### <router name> in the Traefik labels
|
||||
This is a unique name that is used to identify the router in Traefik. The name has to be *globally* unique among all
|
||||
deployed systems, for all repositories and all branches. Fortunately there's an environment variable that is set up for
|
||||
you named `${COMPOSE_PROJECT_NAME}` that is guaranteed to be unique.
|
||||
@ -87,7 +107,7 @@ This is used in the [example](#example-compose-file) below. There is rarely, if
|
||||
|
||||
`${COMPOSE_PROJECT_NAME}` can be used for other must be unique values as well, see usage below in the example.
|
||||
|
||||
### <host> in the Traefik labels
|
||||
#### <host> in the Traefik labels
|
||||
If a [`Host` rule](https://doc.traefik.io/traefik/routing/routers/#host-and-hostregexp) is used, the hostname can be
|
||||
accessed using the environment variable `${VHOST}`. This is a fully qualified hostname that is unique for each
|
||||
deployment and can be prefixed if there's a need for multiple hosts. Do *not* use `.` in the hostname to create new
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user