This PR adds the following to the ./server directory:
a Dockerfile, which maps ./server to the container's working directory, /app
entrypoint.sh, an entrypoint script that runs when the container starts
build_deploy.sh, a convenience build script
server_requirements.txt, the base requirements to run the server as it is now
various metadata for the Docker and GCloud build processes (.dockerignore, .gcloudignore)
The PR also adds a GH action to build and deploy the Docker image to the Word Lapse API VM when a push to main affects the ./server folder. The action relies on the secrets GCE_PROJECT and GCP_CREDENTIALS, both of which have been registered as secrets in the GitHub project settings.
The entrypoint script does the following:
If /app/data is empty, clones https://github.com/greenelab/word-lapse-models into that folder. If it's not empty it performs an LFS pull in that folder. (This behavior can be disabled by setting the env var UPDATE_DATA to 0.)
If /etc/letsencrypt/ is empty, uses Let's Encrypt to create a certificate for api-wl.greenelab.com. If it's not empty, it attempts to renew the certificate, which is a no-op if the certificate doesn't need renewal. (This behavior can be disabled by setting the env var USE_HTTPS to 0.)
Starts uvicorn, a performant WSGI-hosting webserver, to serve the API. If USE_HTTPS is unspecified, runs the server on port 443 with SSL using the certificate; if USE_HTTPS is 0, runs the server on port 80 without SSL.
The build script does the following:
If the env var BUILD_LOCAL is 1, builds the image locally and pushes it to gcr.io/word-lapse/word-lapse-api-image:${COMMIT_SHA}, where COMMIT_SHA is the latest commit hash in the server folder.
If BUILD_LOCAL is unspecified, performs a remote build using Google's Cloud Build service, then deploys the image to the Word Lapse API server, restarting it if it's running or updating its metadata without starting it if it's stopped.
If the env var SKIP_BUILD is set for a remote build, the Cloud Build step is skipped.
If SKIP_DEPLOY is 1, skips updating the API VM.
Data notes:
/app/data is marked as a volume, so they'll persist between container recreations.
On the VM, the volume is host-bound to /mnt/stateful_partition/word-lapse-data, which is located on the 100GB boot disk. We may consider making this an attached disk and shrinking the boot disk if we expect the models to grow.
/etc/letsencrypt/ is also marked as a volume, but it isn't bound to the host.
This PR adds the following to the
./serverdirectory:Dockerfile, which maps./serverto the container's working directory,/appentrypoint.sh, an entrypoint script that runs when the container startsbuild_deploy.sh, a convenience build scriptserver_requirements.txt, the base requirements to run the server as it is now.dockerignore,.gcloudignore)The PR also adds a GH action to build and deploy the Docker image to the Word Lapse API VM when a push to
mainaffects the./serverfolder. The action relies on the secretsGCE_PROJECTandGCP_CREDENTIALS, both of which have been registered as secrets in the GitHub project settings.The entrypoint script does the following:
/app/datais empty, clones https://github.com/greenelab/word-lapse-models into that folder. If it's not empty it performs an LFS pull in that folder. (This behavior can be disabled by setting the env varUPDATE_DATAto 0.)/etc/letsencrypt/is empty, uses Let's Encrypt to create a certificate forapi-wl.greenelab.com. If it's not empty, it attempts to renew the certificate, which is a no-op if the certificate doesn't need renewal. (This behavior can be disabled by setting the env varUSE_HTTPSto 0.)USE_HTTPSis unspecified, runs the server on port 443 with SSL using the certificate; ifUSE_HTTPSis 0, runs the server on port 80 without SSL.The build script does the following:
BUILD_LOCALis 1, builds the image locally and pushes it togcr.io/word-lapse/word-lapse-api-image:${COMMIT_SHA}, whereCOMMIT_SHAis the latest commit hash in the server folder.BUILD_LOCALis unspecified, performs a remote build using Google's Cloud Build service, then deploys the image to the Word Lapse API server, restarting it if it's running or updating its metadata without starting it if it's stopped.SKIP_BUILDis set for a remote build, the Cloud Build step is skipped.SKIP_DEPLOYis 1, skips updating the API VM.Data notes:
/app/datais marked as a volume, so they'll persist between container recreations./mnt/stateful_partition/word-lapse-data, which is located on the 100GB boot disk. We may consider making this an attached disk and shrinking the boot disk if we expect the models to grow./etc/letsencrypt/is also marked as a volume, but it isn't bound to the host.