mDIS inside Docker - Part 1

mDIS inside Docker - Part 2 of this guide, focus on implementation
Native Installation on Linux
On Virtualbox: general, detailed
Shell scripts in the mdis-installer GitLab repository

Internal

WARNING

ICDP-only stuff, please ignore, or read with care.
Focus is on high-level concepts and not on details (see Part 2 for that).
Some content is from 2019-2020, slightly outdated!

Docker-based mDIS installations

mDIS can be run as a Docker container.

See also: How to build an mDIS Docker container from scratch (Part 2 of this guide).

Advantages

Docker-based installations have some benefits for both mDIS editors and admins.

Benefits for mDIS editors and end users (project staff, scientists) are:

  • faster bootup times than a VirtualBox-based instance.
  • no need to learn virtualization concepts
  • "shared folder" model (via Docker volumes) is simple

Benefits for mDIS Administrators are:

  • better IT-security by isolation of mDIS from the rest of the system
  • better software configuration-management by isolation of the mDIS instances running side-by-side, via containerization
  • much smaller machine images (~1GB instead of 10+ GB) than a VirtualBox-based instance.
  • greater consolidation and reuse of resources that are common to all mDIS instances.
  • creating a new Docker image (for "snapshotting" or backup) only takes seconds or less.
  • "declarative configuration" and administration via the docker-compose tool is relatively simple
  • storage of images in a custom Docker registry or distribution via hub.docker.com is possible (we don't do this yet though)

Disadvantages

  • greater complexity: you need to learn a lot about the Docker ecosystem
  • greater complexity: all web servers sit behind a reverse proxy, so you have to deal with weird error messages, or none at all.

Apache as Reverse-Proxy

A single Apache webserver controls access to many mDIS instances, running in parallel as isolated Docker containers.

[Figure: mDIS Apache as Reverse Proxy. Apache Webserver controls access to many "containerized" mDIS instances and a common database server.]

The figure above shows how a Reverse Proxy works. (The port numbers are not important, and may have changed.)
Each box in the middle row is an mDIS instance such as mdis-dive.

On the Docker host, an Apache webserver can be run as a Reverse Proxy in order to direct traffic from the internet to the Docker containers running mDIS.

Advantages of Reverse Proxy

  • a single proxy web server instance can govern access to all mDIS instances.
  • a single TLS certificate can be used for providing https-Endpoints for all instances
  • a single database server instance can be used for all containers on the same network
  • a single SQL admin tool instance can be run on the Docker host to control many mDIS databases. There is no longer one host per network and one admin tool per host.

Disadvantages of Reverse Proxy

  • cryptic error messages if either the proxy or the mDIS-container is not running
  • potentially introducing a single point of failure for the mDIS instances

Installation scripts

Shellscripts

See GitLab repo "mdis-installer".

Update 2022: Scripts are incomplete or outdated.
Besides, they were only a rough guide. You must adapt commands and settings to your needs.

Using Docker containers

Deploying the Docker containers is done via Docker Compose.

TODO: Add link or example

Add link to a short docker-compose.yml file, or insert the relevant snippets here.

Bring everything up again, silently, with few messages:

docker-compose --project-name mdis up -d --no-recreate

Entering the Docker container

Enter as Unix user root to install software, or to configure things.

docker exec -it mdis_php_tadp_1 bash

Enter as Unix user mdis to have a customized Bash available.

docker exec -it -u mdis mdis_php_tadp_1 bash

Of course, this requires that the user exists and that you have actually installed some customizations.

Custom adaptations

See installer scripts

Several source-code files and mDIS configuration settings must be changed in key places.

This is documented in an (old) installation script:

docker/mdis-fardeep/deploy-mdis-fardeep-2.sh

Run it inside the Docker container.

Recommended

Continue with Part 2 of this guide, mDIS inside Docker, which is about the implementation of the Docker-based mDIS installation.
It is much more detailed than this guide.

Advanced

Check general, system-wide Docker configuration

Check general configuration of Docker daemon and Docker registry:

Check settings in file

/etc/docker/daemon.json

TBC - check if Docker registry is running, if traffic is encrypted, etc.
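
One way to check daemon.json for unencrypted registry and API traffic, as an added example that is not part of the original guide or the mdis-installer scripts. The choice of checks and the sample host names are assumptions; the option names are standard dockerd settings.

```python
import json
import sys

# Constructed sample inputs (not taken from any real host).
SAMPLE_WEAK = """{
  "insecure-registries": ["registry.example.internal:5000"],
  "registry-mirrors": ["http://mirror.example.internal"],
  "hosts": ["unix:///var/run/docker.sock", "tcp://0.0.0.0:2375"]
}"""
SAMPLE_HARDENED = """{
  "registry-mirrors": ["https://mirror.example.internal"],
  "hosts": ["unix:///var/run/docker.sock", "tcp://127.0.0.1:2376"],
  "tlsverify": true, "tlscacert": "/etc/docker/ca.pem",
  "tlscert": "/etc/docker/cert.pem", "tlskey": "/etc/docker/key.pem"
}"""

def audit_daemon_config(text):
    """Return a list of findings for the text of a daemon.json file."""
    try:
        cfg = json.loads(text) if text.strip() else {}
    except json.JSONDecodeError as exc:
        return [f"invalid JSON: {exc.msg} (line {exc.lineno})"]
    if not isinstance(cfg, dict):
        return ["top-level value must be a JSON object"]
    findings = []
    # Registries listed here may be reached over plain HTTP or unverified TLS.
    for reg in cfg.get("insecure-registries", []):
        findings.append(f"insecure registry allowed: {reg}")
    for mirror in cfg.get("registry-mirrors", []):
        if not mirror.lower().startswith("https://"):
            findings.append(f"registry mirror not using https: {mirror}")
    # A tcp:// listener exposes the Docker API on the network; it needs mutual TLS.
    tcp = [h for h in cfg.get("hosts", []) if h.lower().startswith("tcp://")]
    tls_files = all(cfg.get(k) for k in ("tlscacert", "tlscert", "tlskey"))
    for host in tcp:
        if not cfg.get("tlsverify"):
            findings.append(f"Docker API on {host} without tlsverify")
        elif not tls_files:
            findings.append(f"Docker API on {host}: tlsverify set, cert paths missing")
    return findings

if __name__ == "__main__":
    path = sys.argv[1] if len(sys.argv) > 1 else "/etc/docker/daemon.json"
    try:
        with open(path, encoding="utf-8") as fh:
            results = audit_daemon_config(fh.read())
    except FileNotFoundError:
        results = []  # no file means the daemon runs with built-in defaults
    print("\n".join(results) or "no findings")
    sys.exit(1 if results else 0)
```

A clean result covers daemon.json only; options passed to dockerd on its command line (for example in a systemd unit) are not seen by this check.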

Troubleshooting Docker-Containers

Advanced stuff TBC

After rebooting the host server, not all containers might come up correctly.

TBC: check if all processes/services inside the containers are running, and if not, start them.

Troubleshooting DB server / container

Check the new IP address of the mysql-db container. Check the logfiles and visualizations of your monitoring tools (Nagios or similar). Adapt the Nagios monitoring command if necessary.

Troubleshooting container with HTML frontend for Docker registry

A common problem is that the webserver process 'Apache' inside the container is not running.

Enter the container and start Apache manually:

service apache start or service apache reload

or other commands to start Apache (or Nginx or some other webserver).

Continued in