
prepare to k8s

Tomishinets Vladimir 4 years ago
parent
commit
db5245a365
5 changed files with 154 additions and 54 deletions
  1. 3 3
      Dockerfile
  2. 139 0
      application.conf
  3. 0 28
      docker-entrypoint.sh
  4. 12 0
      entrypoint.sh
  5. 0 23
      healthcheck.sh

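--- a/Dockerfile
+++ b/Dockerfile
@@ -1,6 +1,6 @@
 FROM registry.sdsys.ru/iru/iru-base:7.6
-ENTRYPOINT ["docker-entrypoint.sh"]
-COPY docker-entrypoint.sh healthcheck.sh /usr/share/web-registry-portal/bin/
+ENTRYPOINT ["entrypoint.sh"]
+COPY entrypoint.sh healthcheck.sh /usr/share/web-registry-portal/bin/
 COPY application-logger.xml /etc/web-registry-portal/
 ENV PATH=/usr/share/web-registry-portal/bin:$PATH LANG="en_US.UTF-8" ADMIN_HOST=admin
 EXPOSE 9000 2551
@@ -8,7 +8,7 @@ HEALTHCHECK --start-period=30s --interval=20s --timeout=10s --retries=2 CMD heal
 ARG repo=prod
 RUN set -x \
            && curl https://repo.infoclinica.ru/yum/centos/sds-${repo}-portal.repo -o /etc/yum.repos.d/sds-${repo}-portal.repo \
-           && chmod +x /usr/share/web-registry-portal/bin/docker-entrypoint.sh \
+           && chmod +x /usr/share/web-registry-portal/bin/entrypoint.sh \
            && chmod +x /usr/share/web-registry-portal/bin/healthcheck.sh \
            && yum install web-registry-portal iputils openssl -y \
            && yum update tzdata -y \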
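Review bot: `ENTRYPOINT ["entrypoint.sh"]` in the first hunk resolves a very generic script name through `PATH`, so the process that becomes PID 1 depends on the `ENV PATH=...` line staying in place and on no other `entrypoint.sh` appearing earlier in the lookup. Using the absolute path, `ENTRYPOINT ["/usr/share/web-registry-portal/bin/entrypoint.sh"]`, removes that dependency. In the second hunk the `curl` that writes the yum repo file has no `--fail`, so an HTTP error body would be saved under `/etc/yum.repos.d/`; `curl -fsSL <url> -o <file>` stops the build at the download instead. The `RUN` chain continues past the end of the hunk, so cleanup and any later steps are not visible here.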

+ 139 - 0
application.conf

@@ -0,0 +1,139 @@
+# This is the main configuration file for the application.
+# ~~~~~
+
+# Secret key
+# ~~~~~
+# The secret key is used to secure cryptographics functions.
+# If you deploy your application to several instances be sure to use the same key!
+application.secret = "x09HY<acN5Wph?e]@:rXeF>qDg=fC;d5rRbYqeG/rLUyyEZCh/d_L73>IVxT@?Mb"
+
+# The application languages
+# ~~~~~
+application.langs = "ru,en"
+
+# Proxy and `X-Forwarded-For` header
+# ~~~~~
+#trustxforwarded=true
+
+# Akka
+# ~~~~~
+internal {
+  akka {
+    loglevel = "DEBUG"
+    loggers = ["akka.event.slf4j.Slf4jLogger"]
+    debug.receive = on
+    actor {
+      provider = "akka.remote.RemoteActorRefProvider"  # ignored if internal.communication = 'socket'
+    }
+    remote {                                           # ignored if internal.communication = 'socket'
+      enabled-transports = ["akka.remote.netty.tcp"]
+      shutdown-timeout = 2 s
+      watch-failure-detector.heartbeat-interval = 20 s
+      netty.tcp {
+        port = 2551
+        hostname = 0.0.0.0
+        send-buffer-size = 10 MiB
+        receive-buffer-size = 10 MiB
+        maximum-frame-size = 10 MiB
+      }
+    }
+  }
+
+  # communication settings
+  communication {
+    type = "socket" # `socket` or `remote`(default)
+    # Leader
+    admin.hostname = ${ADMIN_HOST}
+    admin.port = 2551
+
+    # Node
+    local.hostname = 0.0.0.0
+    local.port = 2552
+  }
+}
+
+# Application defined parameters
+# ~~~~~
+auth.cookie.secure = false
+
+# Database configuration
+# ~~~~~
+# DB plugin is disabled by default. It will be configured on the application startup.
+# Don't change it.
+dbplugin = disabled
+
+# MongoDB
+# one host or list of hosts in replica sets
+# ~~~~~~~
+mongodb {
+  host = ${DB_CLUSTER}
+  # Database name
+  # You can optional set db name, otherwise used `portaldb`
+  main.db = "prod"
+  billing.db = "billing"
+  keepAlive = 100
+  connectTimeoutMS = 30000
+}
+
+# SDS Specific parameters
+# ~~~~~
+sds.api {
+  # Use short living cache for procedure calls.
+  cache.use = ${CACHE_USE}
+  # Set time to live for a procedure call cache in seconds. Defualt is 10 sec.
+  cache.timeout = 5 # seconds
+  # The list of included cacheable procedures.
+  # If commented or empty, all calls will be cached except ones listened in the `cache.excluded` section
+  # cache.include = [GET_DEPARTMENT_LIST]
+  # The list of cacheable procedures to be excluded
+  # cache.exclude = [GET_FILIAL_LIST]
+}
+
+# WS configuration currently used in SDS communication
+# ~~~~~
+ws.timeout {
+  connection = 20000
+  request = 20000
+  report = 60000
+}
+ws.acceptAnyCertificate = true
+
+# MMT Api settings
+# ~~~~~
+mmt {
+  # in seconds
+  timeout = 25
+}
+
+# Play static assets
+# ~~~~~
+assets.defaultCache = "max-age=604800" # 1 week
+
+# Customer Assets
+# ~~~~~
+customer.assets {
+  defaultCache = 3600 # 1 hour
+  # Loading asstes from <>.
+  # You can use either `local` or db` . In production environment we usally use `db` mode
+  loading.mode = "db"
+}
+
+# ESIA
+# ~~~~~
+# Test SSO url:
+esia.sso.url = "https://esia.gosuslugi.ru/idp/profile/SAML2/Redirect/SSO"
+# Test SLO url:
+esia.slo.url = "https://esia.gosuslugi.ru/idp/profile/SAML2/Redirect/SLO"
+# Use or not global saml2 logout.
+esia.slo.use = true
+# ~~~~
+# OAUTH2
+esia.oauth2.globalLogout.use = false
+esia.oauth2.isProd = true
+
+# Yandex.Kassa
+# ~~~~~
+yandex.kassa.processingUrl = "https://demomoney.yandex.ru/eshop.xml"
+
+telemedicine {
+  secret = "a-5u=I|4a@Ie]XZxi+I'=yOi^fiX1mF_<tELx23V&]P[{X'pZa.@9;&-s/YdRR9"
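Review bot: `application.secret` near the top and `telemedicine.secret` on the last visible line are committed as literal values, so anyone who can read the repository or its history holds the keys the file's own comment says secure the cryptographic functions; both should be treated as exposed and rotated. The file already takes `${ADMIN_HOST}`, `${DB_CLUSTER}` and `${CACHE_USE}` from the environment, and the same form fits here, e.g. `application.secret = ${APPLICATION_SECRET}` (variable name constructed for illustration), supplied from a Kubernetes Secret. `ws.acceptAnyCertificate = true` turns off certificate validation for outbound WS calls and `auth.cookie.secure = false` presumably drops the Secure flag on the auth cookie; each deserves a comment stating why it is acceptable or an override for production. `loglevel = "DEBUG"` with `debug.receive = on` may also log message contents and is worth confirming for a production image. The `telemedicine` block is still open where the section ends.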

+ 0 - 28
docker-entrypoint.sh

@@ -1,28 +0,0 @@
-#!/usr/bin/env bash
-
-if [ ! -z "${APPNET}" ]; then
-    echo "Initial nslookup ${ADMIN_HOST}.${APPNET}"
-    while [ ! $(dig tasks.${ADMIN_HOST}.${APPNET} +short) ];do \
-        echo "Waiting for ${ADMIN_HOST}.${APPNET} to become available";sleep 1;done
-        echo "$(hostname -i)"
-    for i in $(hostname -i);do
-        if [[ $(echo ${i}|cut -d. -f1-3) == $(dig tasks.${ADMIN_HOST}.${APPNET} +short|cut -d. -f1-3) ]];then
-            echo "TASKS_SERVICE_IP=${i}" >> /vars.file
-	        echo "export TASKS_SERVICE_IP" >> /vars.file
-        fi
-    done
-    echo $(dig tasks.${ADMIN_HOST}.${APPNET} +short) > /tmp/admin_ip
-fi
-
-echo "#Dummy" >> /etc/rc.d/init.d/functions
-source /etc/init.d/web-registry-portal status
-cat /vars.file
-source /vars.file
-rm -rf /var/run/web-registry-portal/play.pid
-
-if [ ! -z "$*" ]
-then
-    exec "$@"
-else
-    exec ${WEB_REGISTRY_BIN} ${WEB_REGISTRY_CUSTOM_OPTS} ${WEB_REGISTRY_OPTS}
-fi

+ 12 - 0
entrypoint.sh

@@ -0,0 +1,12 @@
+#!/usr/bin/env bash
+
+echo "#Dummy" >> /etc/rc.d/init.d/functions
+source /etc/init.d/web-registry-portal status
+rm -rf /var/run/web-registry-portal/play.pid
+
+if [ ! -z "$*" ]
+then
+    exec "$@"
+else
+    exec ${WEB_REGISTRY_BIN} ${WEB_REGISTRY_CUSTOM_OPTS} ${WEB_REGISTRY_OPTS}
+fi
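Review bot: Nothing checks that `source /etc/init.d/web-registry-portal status` actually defined `WEB_REGISTRY_BIN`; if it did not, the final `exec` runs with no command (or with the first option word as the command) and the failure is hard to read from the container status. A guard before the `if`, `: "${WEB_REGISTRY_BIN:?not set by init script}"`, makes the container fail with a clear message. The `echo "#Dummy" >> /etc/rc.d/init.d/functions` line appends to a system file on every start, which needs root and a writable root filesystem and so will not work under a Kubernetes non-root or `readOnlyRootFilesystem` security context; a comment saying why the append is needed would help, and doing it once at image build time looks like the safer place. `[ ! -z "$*" ]` reads more directly as `[ "$#" -gt 0 ]`.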

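--- a/healthcheck.sh
+++ b/healthcheck.sh
@@ -1,26 +1,3 @@
 #!/bin/bash
 
-curtime=`date +%s`
-
 curl -f -H 'Host:demo.infoclinica.ru' 127.0.0.1:9000/login || exit 1
-
-# Проверяем наличие файла с переменной time_to_dead
-if [ -f /tmp/dead ];then
-  if (( ${curtime} > $(cat /tmp/dead) ));then kill 1;fi
-else
-# Определяем изменился ли адрес админки
-  ping -c3 $(cat /tmp/admin_ip)
-  if [[ $? -ne 0 ]]; then
-    new_admin_ip=$(dig +short tasks.${ADMIN_HOST}.${APPNET})
-    if [[ ${new_admin_ip} != $(cat /tmp/admin_ip) ]];then
-      ping -c3 ${new_admin_ip} || exit 0
-    fi
-# Вычисляем адреса task'ов и сортируем их
-    sorted=($(echo $(dig tasks.${SERVICE_NAME}.${APPNET} +short)|tr " " "\n"|sort -n))
-    for (( i=0; i < ${#sorted[*]}; i++ ))
-    do
-      [[ $(ip a | grep ${sorted[${i}]}) ]] && echo $((${i}*180+$(date +%s)+40)) > /tmp/dead
-    done
-  fi
-fi
-exit 0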