Last active
June 15, 2021 14:46
-
-
Save pierreavizou/b5a01e220df74433efb775a109427d3f to your computer and use it in GitHub Desktop.
Rudder stack deployment with Docker swarm + Traefik
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| version: '3.7' | |
| networks: | |
| traefik: | |
| rudderstack: | |
| services: | |
| traefik: | |
| image: traefik:2.2 | |
| ports: | |
| - target: 80 | |
| published: 80 | |
| protocol: tcp | |
| mode: host | |
| - target: 443 | |
| published: 443 | |
| protocol: tcp | |
| mode: host | |
| networks: | |
| - traefik | |
| deploy: | |
| placement: | |
| constraints: | |
| # Define labels on your nodes using, e.g. `docker node update --label-add type=load-balancer <node-id>` | |
| - node.labels.type == load-balancer | |
| command: | |
| - "--accesslog=true" | |
| - "--providers.docker=true" | |
| - "--providers.docker.exposedbydefault=false" | |
| # Adapt network below to the name of your stack, or use an external network | |
| - "--providers.docker.network=<YOUR_STACK_NAME>_traefik" | |
| - "--entrypoints.web.address=:80" | |
| - "--entrypoints.websecure.address=:443" | |
| - "--entrypoints.web.http.redirections.entrypoint.to=websecure" | |
| - "--entrypoints.web.http.redirections.entrypoint.scheme=https" | |
| - "--providers.docker.swarmMode=true" | |
| - "--certificatesresolvers.mytlschallenge.acme.tlschallenge=true" | |
| - "--certificatesresolvers.mytlschallenge.acme.email=YOUR@EMAIL.COM" | |
| - "--certificatesresolvers.mytlschallenge.acme.storage=/acme/acme.json" | |
| volumes: | |
| - /opt/traefik/:/acme/ | |
| - /var/run/docker.sock:/var/run/docker.sock:ro | |
| # Adjust according to the logging method you're using | |
| logging: | |
| driver: journald | |
| rudderdb: | |
| image: postgres:11-alpine | |
| networks: | |
| - rudderstack | |
| deploy: | |
| placement: | |
| constraints: | |
| # Define labels on your nodes using, e.g. `docker node update --label-add type=database <node-id>` | |
| - node.labels.type == database | |
| environment: | |
| - POSTGRES_USER=rudder | |
| - POSTGRES_PASSWORD=<YOUR_DB_PASSWORD> | |
| - POSTGRES_DB=jobsdb | |
| volumes: | |
| - /mnt/rudderstack_data/rudderdb:/var/lib/postgresql/data | |
| logging: | |
| driver: journald | |
| rudderbackend: | |
| image: rudderlabs/rudder-server:saas-25042020.043927 | |
| deploy: | |
| placement: | |
| constraints: | |
| - node.labels.type != load-balancer | |
| labels: | |
| - traefik.enable=true | |
| # Point your domain's DNS to your loadbalancer's IP prior to running Traefik | |
| - traefik.http.routers.rudderbackend.rule=Host(`YOUR.DOMAIN.TLD`) | |
| - traefik.http.services.rudderbackend.loadbalancer.server.port=8080 | |
| - traefik.http.routers.rudderbackend.tls=true | |
| - traefik.http.routers.rudderbackend.entrypoints=websecure | |
| - traefik.http.routers.rudderbackend.tls.certresolver=mytlschallenge | |
| - traefik.http.middlewares.rudderbackend.headers.SSLRedirect=true | |
| - traefik.http.middlewares.rudderbackend.headers.STSSeconds=315360000 | |
| - traefik.http.middlewares.rudderbackend.headers.browserXSSFilter=true | |
| - traefik.http.middlewares.rudderbackend.headers.contentTypeNosniff=true | |
| - traefik.http.middlewares.rudderbackend.headers.forceSTSHeader=true | |
| - traefik.http.middlewares.rudderbackend.headers.SSLHost=${DOMAIN.TLD} | |
| - traefik.http.middlewares.rudderbackend.headers.STSIncludeSubdomains=true | |
| - traefik.http.middlewares.rudderbackend.headers.STSPreload=true | |
| networks: | |
| - rudderstack | |
| - traefik | |
| environment: | |
| - INSTANCE_ID={{.Task.Slot}} | |
| - JOBS_DB_HOST=rudderdb | |
| - JOBS_DB_USER=rudder | |
| - JOBS_DB_PORT=5432 | |
| - JOBS_DB_DB_NAME=jobsdb | |
| - JOBS_DB_PASSWORD=<YOUR_DB_PASSWORD> | |
| - DEST_TRANSFORM_URL=http://d-transformer:9090 | |
| - CONFIG_BACKEND_URL=https://api.rudderlabs.com | |
| - WORKSPACE_TOKEN=<YOUR_RUDDER_WORKSPACE_TOKEN> | |
| - CONFIG_PATH=/app/config/config.toml | |
| entrypoint: sh -c '/wait-for rudderdb:5432 -- /rudder-server' | |
| logging: | |
| driver: journald | |
| d-transformer: | |
| image: rudderlabs/rudder-transformer:saas-25042020.204857 | |
| deploy: | |
| placement: | |
| constraints: | |
| - node.labels.type != load-balancer | |
| networks: | |
| - rudderstack | |
| logging: | |
| driver: journald |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
You should be able to deploy the stack with
# docker stack deploy -c docker-stack-rudder.yml myrudderThen you could leverage docker service scaling by using, for instance:
# docker service scale myrudder_rudderbackend=2and
# docker service scale myrudder_d-transformer=2Provided you have provisioned enough workers in your cluster, Docker will schedule the new containers on workers with available resources