Hi zigo, I appreciate the effort to make the HA environment, but for now, think it's better to keep simple and see the people's feedback about it.
I think that one simple NGINX container with Certbot can fix the SSL issue so we can focus on the integration with Salsa CI to receives information about new images. I already started working on this and by the end of January we should have something. The issues mapped for this month can be seen on https://salsa.debian.org/cloud-team/image-finder/-/milestones/9 Cheers, Arthur Diniz Em qua., 25 de dez. de 2019 às 22:22, Thomas Goirand <[email protected]> escreveu: > Hi, > > I've done some work on the initial packaging of our image finder. This > was trivial work, but more is needed. > > Currently, the site at http://image-finder.debian.net/ runs on a single > OpenStack instance. Inside the instance, there 2 docker containers > running, one for postgress, one for the Flask application. What I would > like to do, is transform this into: > - One Octavia load-balancer using a VRRP floating IP [1] > - One postgress cluster, maybe with one master and one slave > - On the same postgress machines, setup the Flask application that > connects to this postgress cluster > > With an anti-affinity on the instances, they would run on different > physical compute nodes, so this achieve full HA. Octavia can do the SSL > endpoint. (I'm not sure how we could reproduce this with DSA machines, > but that's at least my current plan...) > > I would setup all of this either using Ansible or Puppet. My choice will > depend on what the team prefers, I don't really have a preference. As > the DSA team prefers puppet, this probably should be our choice, so we > prepare for migrating to some DSA machines later. Please voice your > opinion here. If we're to use MariaDB/Galera + puppet, then I can > package absolutely all, including the puppet modules for deploying the > image-finder. > > With my first try, I could see that the application looks like working > under libapache-mod-wsgi-py3. I have some errors connecting to the DB, > and then it fails, but this was to be expected. > > Now my current problem is: > 1/ I never did postgressql clustering (I'm more a MariaDB/Galera guy). > How does one do it? Is it possible to do master-master connection? Since > the app is using SQLAlchemy, would it be possible to use MariaDB/Galera > instead of postgress? > > 2/ The Flask application is looking at its environment to get the DSN > connection URL, we need a configuration file instead. > > 3/ I have no idea how to feed this application with real data from our > generated Salsa images. How do I do that? > > Could someone bring me some light on how to address the 3 points above? > > Cheers, > > Thomas Goirand (zigo) > > [1] This is HA by itself, with 2 instances, each using HAProxy, and > sharing a single public IP address using the VRRP protocol, so this > provides full high availability. > >
