Deployment #5
Comments
KDwevedi
changed the title
|
@KDwevedi we have following services already in our system
Services to be deployed:
Migrations to be done:
Do we have also have a rough idea on how much resources this requires as a system? |
|
The stack can share 2 vCPUs with ~4 GB RAM The usage for individual services should never spike beyond 1.5 vCPUs + 1-2GB RAM The Most RAM intensive task is PDF rendering, which would by far take the most resources. @techsavvyash does this sound fine for c4gt bff? |
|
This sounds fine to me! 👍🏼 |
|
@techsavvyash @KDwevedi 2 Queries
|
Yes
C4GT BFF, that's it |
|
@KDwevedi can you share docker-compose for bff? |
|
VAULT_ADDR=${VAULT_ADDR} @KDwevedi also, can we cleanup the variables in services, I see redundancy, e.g., VAULT_ADDR VAULT_BASE_URL VAULT_PROXY seems to be same. Can you remove the redundancy from the compose shared and I will pick accordingly? |
|
This is the constructor for the vault client in identity service: export class VaultService {
private token: string;
private vault: any;
constructor() {
this.token = process.env.VAULT_TOKEN;
this.vault = new Vault({
https: false,
baseUrl: process.env.VAULT_BASE_URL,
rootPath: process.env.VAULT_ROOT_PATH,
timeout: process.env.VAULT_TIMEOUT,
proxy: process.env.VAULT_PROXY === "true" ? true : false,
});
}
However vault:
image: vault:1.12.3
restart: always
volumes:
- ./vault.json:/vault/config/vault.json
- ./data/vault-data:/vault/file
environment:
- VAULT_ADDR=${VAULT_ADDR}
- VAULT_API_ADDR=${VAULT_API_ADDR}
- VAULT_ADDRESS=${VAULT_ADDRESS}
cap_add:
- IPC_LOCK
command: vault server -config=/vault/config/vault.json
ports:
- 8200:8200
healthcheck:
test:
[
"CMD-SHELL",
"wget --spider http://127.0.0.1:8200/v1/sys/health || exit 1",
]
interval: 10s
timeout: 5s
retries: 3
|
|
Vault doesn't need any environment variable generally, we can remove, reference. Also, can you share the library which we are using for Vault? Unable to find those in https://www.npmjs.com/package/node-vault |
|
This is the library |
|
@KDwevedi updates on the docker compose for bff? We can deploy all the services here once bff is available and then start with migrations today |
|
@singhalkarun |
Tasklist for C4GT Credentialing Deployment
1. Fusion Auth
Official FA Compose Files
Note: Previous RCW Deployment was pointing to Konnect FA for JWKS. We should setup a dedicated instance for the following usecases:
2. Deploying Samagra RCW
3. Data Migration
Droplet IP: 64.227.184.175
Containers:
139.59.20.91contains relevant user data for identity service, that should be migrated to new deployment for rcw4. C4GT BFF
To be linked by @KDwevedi
The text was updated successfully, but these errors were encountered: