Andrey K. Choi
4adb00a498
Some checks reported errors
continuous-integration/drone/push Build encountered an error
🐳 DOCKER DEPLOYMENT INFRASTRUCTURE: ## New Docker Files: - deployment/docker/Dockerfile.optimized - Multi-stage optimized builds - docker-compose.prod.yml - Production cluster deployment - docker-compose.dev.yml - Development environment - deploy-docker.sh - One-command deployment script - Makefile.docker - Advanced management commands - .env.docker - Environment configuration template - DOCKER_DEPLOYMENT.md - Complete deployment guide ## Container Images: - pyguardian:controller - Cluster management (200MB) - pyguardian:agent - Security monitoring (180MB) - pyguardian:standalone - All-in-one deployment (220MB) - pyguardian:development - Dev tools + Jupyter (350MB) ## Deployment Modes: - Standalone: Single container with all features - Cluster: Controller + scalable agents with JWT auth - Production: Enterprise deployment with monitoring - Development: Hot reload + debugging tools ## Key Features: ✅ Multi-stage Docker builds for optimization ✅ Privileged containers for system monitoring ✅ Host networking for firewall integration ✅ Volume persistence for data/logs/config ✅ Health checks and auto-restart ✅ Prometheus monitoring integration ✅ SSL/TLS support with custom certificates ✅ Automated backup and restore ✅ CI/CD ready builds ## Quick Commands: ./deploy-docker.sh standalone # Quick start ./deploy-docker.sh cluster --scale 3 # Production cluster make -f Makefile.docker prod-up # Advanced management make -f Makefile.docker health # Health checks Ready for enterprise Docker deployment! 🚀
273 lines
11 KiB
Docker
273 lines
11 KiB
Docker
################################################################################
|
|
# PyGuardian Docker Management Makefile
|
|
# Provides convenient commands for Docker deployment and management
|
|
################################################################################
|
|
|
|
# Default variables
|
|
DOCKER_COMPOSE_PROD := docker-compose -f docker-compose.prod.yml
|
|
DOCKER_COMPOSE_DEV := docker-compose -f docker-compose.dev.yml
|
|
IMAGE_TAG := pyguardian:2.1.0
|
|
ENV_FILE := .env
|
|
|
|
# Colors for output
|
|
GREEN := \033[32m
|
|
YELLOW := \033[33m
|
|
RED := \033[31m
|
|
NC := \033[0m
|
|
|
|
# Help target
|
|
.PHONY: help
|
|
help: ## Show this help message
|
|
@echo "PyGuardian Docker Management Commands:"
|
|
@echo ""
|
|
@awk 'BEGIN {FS = ":.*##"} /^[a-zA-Z_-]+:.*##/ {printf " $(GREEN)%-20s$(NC) %s\n", $$1, $$2}' $(MAKEFILE_LIST)
|
|
|
|
# =============================================================================
|
|
# ENVIRONMENT SETUP
|
|
# =============================================================================
|
|
|
|
.PHONY: setup-env
|
|
setup-env: ## Setup environment files
|
|
@echo "$(YELLOW)Setting up environment configuration...$(NC)"
|
|
@if [ ! -f $(ENV_FILE) ]; then \
|
|
cp .env.docker $(ENV_FILE); \
|
|
echo "$(GREEN)Created $(ENV_FILE) from template$(NC)"; \
|
|
echo "$(YELLOW)Please edit $(ENV_FILE) with your configuration$(NC)"; \
|
|
else \
|
|
echo "$(YELLOW)$(ENV_FILE) already exists$(NC)"; \
|
|
fi
|
|
|
|
.PHONY: setup-dirs
|
|
setup-dirs: ## Create necessary directories
|
|
@echo "$(YELLOW)Creating directory structure...$(NC)"
|
|
@mkdir -p /opt/pyguardian/{controller,agent1,agent2}/{data,logs,config}
|
|
@mkdir -p deployment/monitoring
|
|
@echo "$(GREEN)Directory structure created$(NC)"
|
|
|
|
.PHONY: generate-secrets
|
|
generate-secrets: ## Generate secure secrets
|
|
@echo "$(YELLOW)Generating secure secrets...$(NC)"
|
|
@echo "CLUSTER_SECRET=$(shell openssl rand -hex 32)"
|
|
@echo "JWT_SECRET=$(shell openssl rand -hex 32)"
|
|
@echo "$(GREEN)Add these secrets to your $(ENV_FILE) file$(NC)"
|
|
|
|
# =============================================================================
|
|
# BUILD TARGETS
|
|
# =============================================================================
|
|
|
|
.PHONY: build-all
|
|
build-all: ## Build all Docker images
|
|
@echo "$(YELLOW)Building all PyGuardian images...$(NC)"
|
|
docker build -f deployment/docker/Dockerfile.optimized --target controller -t pyguardian:controller .
|
|
docker build -f deployment/docker/Dockerfile.optimized --target agent -t pyguardian:agent .
|
|
docker build -f deployment/docker/Dockerfile.optimized --target standalone -t pyguardian:standalone .
|
|
docker build -f deployment/docker/Dockerfile.optimized --target development -t pyguardian:development .
|
|
@echo "$(GREEN)All images built successfully$(NC)"
|
|
|
|
.PHONY: build-prod
|
|
build-prod: ## Build production images
|
|
@echo "$(YELLOW)Building production images...$(NC)"
|
|
$(DOCKER_COMPOSE_PROD) build
|
|
@echo "$(GREEN)Production images built$(NC)"
|
|
|
|
.PHONY: build-dev
|
|
build-dev: ## Build development images
|
|
@echo "$(YELLOW)Building development images...$(NC)"
|
|
$(DOCKER_COMPOSE_DEV) build
|
|
@echo "$(GREEN)Development images built$(NC)"
|
|
|
|
# =============================================================================
|
|
# PRODUCTION DEPLOYMENT
|
|
# =============================================================================
|
|
|
|
.PHONY: prod-up
|
|
prod-up: setup-env setup-dirs ## Start production environment
|
|
@echo "$(YELLOW)Starting PyGuardian production environment...$(NC)"
|
|
$(DOCKER_COMPOSE_PROD) --env-file $(ENV_FILE) up -d
|
|
@echo "$(GREEN)Production environment started$(NC)"
|
|
@echo "API available at: https://localhost:8443"
|
|
|
|
.PHONY: prod-down
|
|
prod-down: ## Stop production environment
|
|
@echo "$(YELLOW)Stopping production environment...$(NC)"
|
|
$(DOCKER_COMPOSE_PROD) down
|
|
@echo "$(GREEN)Production environment stopped$(NC)"
|
|
|
|
.PHONY: prod-restart
|
|
prod-restart: prod-down prod-up ## Restart production environment
|
|
|
|
.PHONY: prod-logs
|
|
prod-logs: ## View production logs
|
|
$(DOCKER_COMPOSE_PROD) logs -f
|
|
|
|
.PHONY: prod-status
|
|
prod-status: ## Check production status
|
|
@echo "$(YELLOW)Production Environment Status:$(NC)"
|
|
$(DOCKER_COMPOSE_PROD) ps
|
|
@echo ""
|
|
@echo "$(YELLOW)Health Status:$(NC)"
|
|
@docker ps --format "table {{.Names}}\t{{.Status}}" | grep pyguardian
|
|
|
|
# =============================================================================
|
|
# DEVELOPMENT DEPLOYMENT
|
|
# =============================================================================
|
|
|
|
.PHONY: dev-up
|
|
dev-up: setup-env ## Start development environment
|
|
@echo "$(YELLOW)Starting PyGuardian development environment...$(NC)"
|
|
$(DOCKER_COMPOSE_DEV) --env-file $(ENV_FILE) up -d
|
|
@echo "$(GREEN)Development environment started$(NC)"
|
|
@echo "API available at: http://localhost:8443"
|
|
@echo "Jupyter Lab at: http://localhost:8888"
|
|
|
|
.PHONY: dev-down
|
|
dev-down: ## Stop development environment
|
|
@echo "$(YELLOW)Stopping development environment...$(NC)"
|
|
$(DOCKER_COMPOSE_DEV) down
|
|
@echo "$(GREEN)Development environment stopped$(NC)"
|
|
|
|
.PHONY: dev-restart
|
|
dev-restart: dev-down dev-up ## Restart development environment
|
|
|
|
.PHONY: dev-logs
|
|
dev-logs: ## View development logs
|
|
$(DOCKER_COMPOSE_DEV) logs -f pyguardian-dev
|
|
|
|
.PHONY: dev-shell
|
|
dev-shell: ## Access development container shell
|
|
docker exec -it pyguardian-dev bash
|
|
|
|
# =============================================================================
|
|
# CLUSTER MANAGEMENT
|
|
# =============================================================================
|
|
|
|
.PHONY: cluster-up
|
|
cluster-up: setup-env setup-dirs ## Start full cluster (controller + agents)
|
|
@echo "$(YELLOW)Starting PyGuardian cluster...$(NC)"
|
|
$(DOCKER_COMPOSE_PROD) --env-file $(ENV_FILE) up -d
|
|
@echo "$(GREEN)Cluster started$(NC)"
|
|
|
|
.PHONY: cluster-scale
|
|
cluster-scale: ## Scale agents (usage: make cluster-scale AGENTS=3)
|
|
@echo "$(YELLOW)Scaling cluster to $(or $(AGENTS),2) agents...$(NC)"
|
|
$(DOCKER_COMPOSE_PROD) --env-file $(ENV_FILE) up -d --scale pyguardian-agent-1=$(or $(AGENTS),2)
|
|
|
|
.PHONY: cluster-status
|
|
cluster-status: ## Check cluster status
|
|
@echo "$(YELLOW)Cluster Status:$(NC)"
|
|
$(DOCKER_COMPOSE_PROD) ps
|
|
@echo ""
|
|
@echo "$(YELLOW)Agent Connections:$(NC)"
|
|
@docker exec pyguardian-controller python3 -c "import requests; print(requests.get('http://localhost:8443/api/agents').json())" 2>/dev/null || echo "Controller not ready"
|
|
|
|
# =============================================================================
|
|
# MONITORING
|
|
# =============================================================================
|
|
|
|
.PHONY: monitoring-up
|
|
monitoring-up: ## Start with monitoring stack
|
|
@echo "$(YELLOW)Starting PyGuardian with monitoring...$(NC)"
|
|
$(DOCKER_COMPOSE_PROD) --env-file $(ENV_FILE) --profile monitoring up -d
|
|
|
|
.PHONY: monitoring-status
|
|
monitoring-status: ## Check monitoring status
|
|
@echo "$(YELLOW)Monitoring Status:$(NC)"
|
|
@echo "Prometheus: http://localhost:9090"
|
|
@curl -s http://localhost:9090/-/healthy && echo "✅ Prometheus healthy" || echo "❌ Prometheus unhealthy"
|
|
|
|
# =============================================================================
|
|
# MAINTENANCE
|
|
# =============================================================================
|
|
|
|
.PHONY: backup
|
|
backup: ## Create backup of data
|
|
@echo "$(YELLOW)Creating backup...$(NC)"
|
|
@timestamp=$$(date +%Y%m%d_%H%M%S); \
|
|
docker run --rm -v pyguardian_controller_data:/source -v $(PWD)/backups:/backup alpine \
|
|
tar czf /backup/pyguardian_backup_$$timestamp.tar.gz -C /source .
|
|
@echo "$(GREEN)Backup created in ./backups/$(NC)"
|
|
|
|
.PHONY: restore
|
|
restore: ## Restore from backup (usage: make restore BACKUP=filename)
|
|
@if [ -z "$(BACKUP)" ]; then \
|
|
echo "$(RED)Usage: make restore BACKUP=filename$(NC)"; \
|
|
exit 1; \
|
|
fi
|
|
@echo "$(YELLOW)Restoring from $(BACKUP)...$(NC)"
|
|
@docker run --rm -v $(PWD)/backups:/backup -v pyguardian_controller_data:/target alpine \
|
|
tar xzf /backup/$(BACKUP) -C /target
|
|
@echo "$(GREEN)Restore completed$(NC)"
|
|
|
|
.PHONY: clean
|
|
clean: ## Clean up containers and images
|
|
@echo "$(YELLOW)Cleaning up Docker resources...$(NC)"
|
|
$(DOCKER_COMPOSE_PROD) down --volumes --remove-orphans
|
|
$(DOCKER_COMPOSE_DEV) down --volumes --remove-orphans
|
|
docker image prune -f
|
|
@echo "$(GREEN)Cleanup completed$(NC)"
|
|
|
|
.PHONY: clean-all
|
|
clean-all: clean ## Complete cleanup including data volumes
|
|
@echo "$(RED)WARNING: This will delete ALL PyGuardian data!$(NC)"
|
|
@read -p "Are you sure? [y/N]: " confirm && [ "$$confirm" = "y" ] || exit 1
|
|
docker volume prune -f
|
|
docker system prune -f
|
|
@echo "$(GREEN)Complete cleanup finished$(NC)"
|
|
|
|
# =============================================================================
|
|
# TESTING
|
|
# =============================================================================
|
|
|
|
.PHONY: test
|
|
test: ## Run tests in container
|
|
@echo "$(YELLOW)Running PyGuardian tests...$(NC)"
|
|
docker run --rm -v $(PWD)/src:/opt/pyguardian/src -v $(PWD)/tests:/opt/pyguardian/tests \
|
|
pyguardian:development python3 -m pytest tests/ -v
|
|
|
|
.PHONY: test-build
|
|
test-build: ## Test Docker builds
|
|
@echo "$(YELLOW)Testing Docker builds...$(NC)"
|
|
docker build -f deployment/docker/Dockerfile.optimized --target controller -t pyguardian:test-controller .
|
|
docker build -f deployment/docker/Dockerfile.optimized --target agent -t pyguardian:test-agent .
|
|
docker run --rm pyguardian:test-controller python3 -c "print('✅ Controller image working')"
|
|
docker run --rm pyguardian:test-agent python3 -c "print('✅ Agent image working')"
|
|
docker rmi pyguardian:test-controller pyguardian:test-agent
|
|
@echo "$(GREEN)Docker builds test passed$(NC)"
|
|
|
|
# =============================================================================
|
|
# INFORMATION
|
|
# =============================================================================
|
|
|
|
.PHONY: info
|
|
info: ## Show system information
|
|
@echo "$(YELLOW)PyGuardian Docker Environment Information:$(NC)"
|
|
@echo "Docker version: $$(docker --version)"
|
|
@echo "Docker Compose version: $$(docker-compose --version)"
|
|
@echo "Available images:"
|
|
@docker images | grep pyguardian || echo "No PyGuardian images found"
|
|
@echo ""
|
|
@echo "Running containers:"
|
|
@docker ps --format "table {{.Names}}\t{{.Image}}\t{{.Status}}" | grep pyguardian || echo "No PyGuardian containers running"
|
|
|
|
.PHONY: health
|
|
health: ## Check health of all services
|
|
@echo "$(YELLOW)Health Check Results:$(NC)"
|
|
@for container in $$(docker ps --format "{{.Names}}" | grep pyguardian); do \
|
|
echo -n "$$container: "; \
|
|
if docker exec $$container sh -c 'exit 0' 2>/dev/null; then \
|
|
echo "$(GREEN)✅ Running$(NC)"; \
|
|
else \
|
|
echo "$(RED)❌ Failed$(NC)"; \
|
|
fi; \
|
|
done
|
|
|
|
# =============================================================================
|
|
# SHORTCUTS
|
|
# =============================================================================
|
|
|
|
.PHONY: up down restart logs status
|
|
up: prod-up ## Alias for prod-up
|
|
down: prod-down ## Alias for prod-down
|
|
restart: prod-restart ## Alias for prod-restart
|
|
logs: prod-logs ## Alias for prod-logs
|
|
status: prod-status ## Alias for prod-status |