Use PDM.control in docker image

Disclaimer

This document is only collection of author’s notes, experiences and point of views. It is not, in any meaning, either complete description of the topic nor official RTB documentation. It may be inaccurate, incomplete, obsolete, misleading or completely wrong. It may even cause loss of data or damage system integrity. It may not comply with company codex, values, presentation style or economic interests or may reveal company secrets.

As such, it is absolutely prohibited to distribute this document outside of RTB & Co. GmbH. Such an action may result into legal acts against both the sender and the company. It is only intended, after review of technical and presentational correctness and accuracy, to be used as an information source for official documentation.

Always contact documentation department for information about current presentation style and allowed formats before creating customer’s documentation.

1. How to use the container

PDM.control is not ready to be run in multiple instancies in parallel.

1.1. Docker network

Perform PostgreSQL security configuration.

1.2. Deployment

Put configuration file into current directory and name it application-pcon.yml. PDM.control is set to automatically adjust its stack based on available memory. Memory available to process must be configured on container level.

1.2.1. Simple docker run

PDM.control can be started by following command

docker run \
    --volume ./application-pcon.yml:/pdm_control/application-docker.yml \
    --publish 8080:8080 \
    --publish 55200:55200 \
    docker.rtb-bl.de/pdm/central/pdm_control:dev-next

1.2.2. Compose

Create compose file like this:

Content of file pdm-control.compose.yml

version: '3.8'
services:
  control:
    image: docker.rtb-bl.de/pdm/central/pdm_control:dev-next
    ports:
      - 8080:8080
      - 55200:55200
    configs:
      - source: control_app
        target: /pdm_control/application-docker.yml

Run deployment by following command

docker compose -f pdm-control.compose.yml up

1.2.3. Stack

Create swarm configuration object. It is recommended to embed config version in its name like rtb-control-01. Config cannot be changed after initial creation.

Create stack configuration like this.

cat application-pcon.yml | docker config create rtb-control-01 -

Create stack configuration file like this:

Content of file pdm-control.stack.yml

version: '3.8'
services:
  control:
    image: docker.rtb-bl.de/pdm/central/pdm_control:dev-next
    ports:
      - 8080:8080
      - 55200:55200
    configs:
      - source: rtb-control-01
        target: /pdm_control/application-docker.yml

Deploy stack by command

docker stack deploy -c pdm-control.stack.yml pdm_control

2. Development

Following text describes how to develop inside a

2.1. Environment

Create new directory and to into. Put following files inside the new directory

hosts.txt
application-docker.yml
Copy also pdm_control.jar here.

Mount all files to container and start bash inside. It is reasonable to limit memory a bit to prevent java to consume too much of it.

2.2. Test inside container

Start containerized environment

docker run\
 -it --rm\
 --volume ./application-docker.yml:/pdm_control/application-docker.yml\
 --volume ./pdm_control.jar:/pdm_control/pdm_control.jar\
 --publish 8080:8080\
 --memory "512m"\
 eclipse-temurin:21-jdk bash

In container run:

cd /pdm_control
java -D"spring.profiles.active=docker" -jar pdm_control.jar

PDM control should start normally.

2.3. Test built container

Start containerized environment

docker run\
 -it --rm\
 --volume ./application-docker.yml:/pdm_control/application-docker.yml\
 --volume ./pdm_control.jar:/pdm_control/pdm_control.jar\
 --publish 8080:8080\
 --memory "512m"\
 docker.rtb-bl.de/pdm/central/pdm_control:dev-next

3. Production

In production runs PDM.control in swarm as service. It is assumed that docker swarm is enabled.

PDM.control is not designed to run in multiple instancies. Be sure that the service spans just one container.

3.1. Network

Create overlay network connecting containers.

docker network create --driver overlay --attachable {net-db}

Update database security configuration, described in chapter PostgreSQL security configuration.

3.2. Configuration

Create empty directory and put following files inside.

hosts.txt
application-docker.yml

Create configuration from them.

docker config create rtb-hosts-01 hosts.txt
docker config create rtb-control-01 application-docker.yml

The number inside of configuration name is version. It needs to be incremented if configuration is changed. It is read only.

3.3. Gitlab access

In order do be able to deploy image build in Gitlab we need to create access token.

Open PDM.control and go to Settings Access Tokens. Alternatively a token can be added on central group to access all projects within the group.

Click Add new token. Provide name e.g. staging. Select role Guest and scope 'read_registry'. Click Create group access token.

Be sure to save access token. It will not be possible to recover it later.

3.4. Docker login

docker login docker.rtb-bl.de

User name is token name
Password is access token

Start PDM.control service from image

docker service create\
 --name pdm-control\
 --config source=rtb_hosts_01,target=/etc/hosts\
 --config source=rtb_control_01,target=pdm_control/application-docker.yml\
 --publish 8080:8080\
 --limit-memory "700m"\
 --with-registry-auth\
 docker.rtb-bl.de/pdm/central/pdm_control:dev-next

Appendix A: PostgreSQL security configuration

PostgreSQL from security reasons allows only connections from local host by default. Configuration needs to be updated to enable access from docker containers. Open file pg_hba.conf (usually located at /etc/postgresql/<version>/main/) and add appropriate configuration. E.g. 10.200.0.0/24 is our VPC from which a database is accessed.

# Docker networks
## {VPC network}
host    all             all             10.200.0.0/24         scram-sha-256

Restart PostgreSQL service.

systemctl restart postgresql

4. Configuration files

Here are examples of configuration files used in this article.

4.1. PDM.control configuration

Configuration of PDM.control. Please adjust according your needs.

Replace xxx by real secrets.

application-docker.yml

spring:
  datasource:
    url: jdbc:postgresql://postgres:5432/rtb_parking
    username: pdm_control
    password: xxx
  mail:
    host: smtp.sendgrid.net
    port: 587
    username: apikey
    password: 'xxx'
    properties:
      mail:
        smtp:
          auth: true
          starttls:
            enable: true
pcon:
  mail:
    from: pdm.control@rtb-parking.com
    replyTo: pdm.control@rtb-parking.com
  lan:
    # Local development
   tcpPort: 55200
   udpPort: 55200
  wan:
    ip: 217.86.150.132
    tcpPort: 8708
    udpPort: 8708
  app:
    url: http://do-stage.pdm.rtb-dev.de/