🎉 Added Docker configuration files and scripts 🎨
This commit is contained in:
282
README-Docker.md
Normal file
282
README-Docker.md
Normal file
@ -0,0 +1,282 @@
|
||||
# MYP Docker Setup - Mercedes-Benz TBA Marienfelde
|
||||
|
||||
Vollautomatische Docker-Containerisierung für das **MYP (Manage Your Printers)** 3D-Drucker-Management-System.
|
||||
|
||||
## 🚀 Schnellstart
|
||||
|
||||
### Automatische Installation & Deployment
|
||||
|
||||
```bash
|
||||
# Docker Setup ausführen (benötigt sudo)
|
||||
sudo ./setup-docker.sh
|
||||
```
|
||||
|
||||
Das Skript führt **automatisch** folgende Schritte aus:
|
||||
|
||||
1. **System-Update** (apt update & upgrade)
|
||||
2. **Docker Installation** (proprietäre Debian-Version)
|
||||
3. **Docker Compose Installation**
|
||||
4. **Bereinigung** bestehender Container/Images
|
||||
5. **Multi-Port-Deployment** (80, 443, 5000)
|
||||
|
||||
### Manuelle Docker-Befehle
|
||||
|
||||
```bash
|
||||
# Container bauen und starten
|
||||
docker-compose up -d
|
||||
|
||||
# Container-Status prüfen
|
||||
docker-compose ps
|
||||
|
||||
# Logs verfolgen
|
||||
docker-compose logs -f
|
||||
|
||||
# Container stoppen
|
||||
docker-compose down
|
||||
|
||||
# Komplette Bereinigung
|
||||
docker-compose down -v --rmi all
|
||||
```
|
||||
|
||||
## 🌐 Verfügbare Services
|
||||
|
||||
Nach erfolgreichem Setup sind **drei Container** verfügbar:
|
||||
|
||||
| Service | Port | URL | Zweck |
|
||||
|---------|------|-----|-------|
|
||||
| **HTTP** | 80 | http://localhost:80 | Produktions-HTTP |
|
||||
| **HTTPS** | 443 | https://localhost:443 | Produktions-HTTPS (SSL) |
|
||||
| **Development** | 5000 | http://localhost:5000 | Development/Debug |
|
||||
|
||||
## 📦 Container-Architektur
|
||||
|
||||
### Multi-Stage Dockerfile
|
||||
|
||||
1. **Python Builder**: Dependencies in virtueller Umgebung
|
||||
2. **Node.js Builder**: Frontend-Assets (TailwindCSS)
|
||||
3. **Production Runtime**: Optimierte Laufzeitumgebung
|
||||
|
||||
### Container-Features
|
||||
|
||||
- ✅ **Optimierte Python 3.11** Umgebung
|
||||
- ✅ **SSL-Zertifikate** (automatisch generiert)
|
||||
- ✅ **Health Checks** für alle Services
|
||||
- ✅ **Persistente Volumes** für Daten
|
||||
- ✅ **Development Mode** mit Live-Reload
|
||||
- ✅ **Security** (Non-root Benutzer)
|
||||
|
||||
## 🗂️ Persistente Daten
|
||||
|
||||
Docker Volumes für dauerhafte Datenspeicherung:
|
||||
|
||||
```bash
|
||||
# Alle MYP-Volumes anzeigen
|
||||
docker volume ls | grep myp-system
|
||||
|
||||
# Volume-Details
|
||||
docker volume inspect myp-system-data
|
||||
```
|
||||
|
||||
| Volume | Zweck | Mount Point |
|
||||
|--------|-------|-------------|
|
||||
| `myp-system-data` | Datenbank & Konfiguration | `/app/instance` |
|
||||
| `myp-system-logs` | System-Logs | `/app/logs` |
|
||||
| `myp-system-uploads` | Datei-Uploads | `/app/uploads` |
|
||||
| `myp-system-ssl` | SSL-Zertifikate | `/app/ssl` |
|
||||
|
||||
## 🔧 Konfiguration
|
||||
|
||||
### Umgebungsvariablen
|
||||
|
||||
| Variable | Standard | Beschreibung |
|
||||
|----------|----------|--------------|
|
||||
| `MYP_ENV` | production | Umgebung (development/production) |
|
||||
| `MYP_PORT` | 5000 | Anwendungs-Port |
|
||||
| `MYP_HOST` | 0.0.0.0 | Bind-Adresse |
|
||||
| `MYP_SSL` | false | SSL aktivieren |
|
||||
| `FLASK_ENV` | production | Flask-Umgebung |
|
||||
|
||||
### Container-spezifische Konfiguration
|
||||
|
||||
```yaml
|
||||
# HTTP Container (Port 80)
|
||||
environment:
|
||||
- MYP_PORT=80
|
||||
- MYP_SSL=false
|
||||
|
||||
# HTTPS Container (Port 443)
|
||||
environment:
|
||||
- MYP_PORT=443
|
||||
- MYP_SSL=true
|
||||
|
||||
# Development Container (Port 5000)
|
||||
environment:
|
||||
- MYP_PORT=5000
|
||||
- MYP_ENV=development
|
||||
- MYP_DEBUG=true
|
||||
```
|
||||
|
||||
## 🛠️ Entwicklung
|
||||
|
||||
### Live-Reload für Development
|
||||
|
||||
Der Development-Container (Port 5000) unterstützt **Live-Reload**:
|
||||
|
||||
```yaml
|
||||
# In docker-compose.yml
|
||||
volumes:
|
||||
- ./backend:/app:ro # Read-only Code-Mounting
|
||||
```
|
||||
|
||||
### Custom Docker Compose
|
||||
|
||||
Erstelle `docker-compose.override.yml` für lokale Anpassungen:
|
||||
|
||||
```yaml
|
||||
version: '3.8'
|
||||
|
||||
services:
|
||||
myp-dev:
|
||||
environment:
|
||||
- MYP_DEBUG=true
|
||||
- FLASK_ENV=development
|
||||
volumes:
|
||||
- ./backend:/app # Schreibzugriff für Development
|
||||
```
|
||||
|
||||
## 🔍 Monitoring & Debugging
|
||||
|
||||
### Health Checks
|
||||
|
||||
Alle Container haben automatische Health Checks:
|
||||
|
||||
```bash
|
||||
# Container-Gesundheit prüfen
|
||||
docker-compose ps
|
||||
|
||||
# Detaillierte Health-Info
|
||||
docker inspect myp-system-http | grep -A 10 Health
|
||||
```
|
||||
|
||||
### Logs & Debugging
|
||||
|
||||
```bash
|
||||
# Alle Container-Logs
|
||||
docker-compose logs -f
|
||||
|
||||
# Spezifischer Container
|
||||
docker-compose logs -f myp-http
|
||||
|
||||
# In Container einsteigen
|
||||
docker exec -it myp-system-dev bash
|
||||
|
||||
# Live-Logs aus Anwendung
|
||||
docker exec -it myp-system-dev tail -f /app/logs/app/app.log
|
||||
```
|
||||
|
||||
### Performance-Monitoring
|
||||
|
||||
```bash
|
||||
# Ressourcen-Verbrauch
|
||||
docker stats
|
||||
|
||||
# Container-Prozesse
|
||||
docker exec -it myp-system-http ps aux
|
||||
|
||||
# Netzwerk-Verbindungen
|
||||
docker exec -it myp-system-http netstat -tulpn
|
||||
```
|
||||
|
||||
## 🔒 Sicherheit
|
||||
|
||||
### SSL-Zertifikate
|
||||
|
||||
Automatisch generierte **selbstsignierte Zertifikate**:
|
||||
|
||||
```bash
|
||||
# Zertifikat-Details anzeigen
|
||||
docker exec -it myp-system-https openssl x509 -in /app/ssl/server.crt -text -noout
|
||||
|
||||
# Neue Zertifikate generieren
|
||||
docker exec -it myp-system-https rm -f /app/ssl/server.*
|
||||
docker-compose restart myp-https
|
||||
```
|
||||
|
||||
### Container-Sicherheit
|
||||
|
||||
- ✅ **Non-root Benutzer** (`myp`)
|
||||
- ✅ **Minimale Base Image** (python:slim)
|
||||
- ✅ **Keine unnötigen Pakete**
|
||||
- ✅ **Read-only Dateisystem** (wo möglich)
|
||||
|
||||
## 📊 Produktions-Deployment
|
||||
|
||||
### Systemanforderungen
|
||||
|
||||
- **OS**: Debian 11+ / Ubuntu 20.04+
|
||||
- **RAM**: Mindestens 2GB
|
||||
- **CPU**: 2 Cores empfohlen
|
||||
- **Speicher**: 10GB+ verfügbar
|
||||
- **Netzwerk**: Ports 80, 443, 5000 verfügbar
|
||||
|
||||
### Deployment-Checklist
|
||||
|
||||
1. ✅ **Firewall-Regeln** für Ports 80, 443
|
||||
2. ✅ **SSL-Zertifikate** für Production-Domain
|
||||
3. ✅ **Backup-Strategie** für Docker Volumes
|
||||
4. ✅ **Monitoring** Setup (Logs, Health Checks)
|
||||
5. ✅ **Auto-Start** Konfiguration (`restart: unless-stopped`)
|
||||
|
||||
### Production-Setup
|
||||
|
||||
```bash
|
||||
# Environment für Production setzen
|
||||
export MYP_ENV=production
|
||||
export FLASK_ENV=production
|
||||
|
||||
# Container mit Production-Config starten
|
||||
docker-compose -f docker-compose.yml up -d
|
||||
|
||||
# Auto-Start beim System-Boot
|
||||
sudo systemctl enable docker
|
||||
```
|
||||
|
||||
## 🚨 Troubleshooting
|
||||
|
||||
### Häufige Probleme
|
||||
|
||||
| Problem | Ursache | Lösung |
|
||||
|---------|---------|--------|
|
||||
| Port bereits belegt | Anderer Service auf 80/443/5000 | `sudo netstat -tulpn \| grep :80` |
|
||||
| Permission Denied | Docker-Gruppe fehlt | `sudo usermod -aG docker $USER` |
|
||||
| Build-Fehler | Requirements fehlen | `docker-compose build --no-cache` |
|
||||
| SSL-Warnung | Selbstsignierte Zertifikate | Normale Browser-Warnung |
|
||||
|
||||
### Debug-Befehle
|
||||
|
||||
```bash
|
||||
# Container-Details
|
||||
docker inspect myp-system-http
|
||||
|
||||
# Netzwerk-Connectivity
|
||||
docker network ls
|
||||
docker network inspect myp-system-network
|
||||
|
||||
# Volume-Probleme
|
||||
docker volume inspect myp-system-data
|
||||
|
||||
# Build-Logs
|
||||
docker-compose build --progress=plain
|
||||
|
||||
# Komplette Bereinigung
|
||||
./setup-docker.sh # Führt automatische Bereinigung durch
|
||||
```
|
||||
|
||||
## 📞 Support
|
||||
|
||||
**Mercedes-Benz TBA Marienfelde**
|
||||
**Autor**: Till Tomczak
|
||||
**E-Mail**: till.tomczak@mercedes-benz.com
|
||||
|
||||
**Projektdokumentation**: [CLAUDE.md](./CLAUDE.md)
|
||||
**Setup-Log**: `/tmp/myp-docker-setup.log`
|
Reference in New Issue
Block a user