-
%wojtek I've committed an initial version of Docker files required to build 4 different versions of Tigase XMPP Server images:
- Tigase 8.0.0 on JDK 8
- Tigase 8.0.0 on JDK 11
- Tigase 8.1.0-SNAPSHOT (latest) on JDK 8
- Tigase 8.1.0-SNAPSHOT (latest) on JDK 11
For all images, I've used existing OpenJDK Docker images to make them easier. All of them are based on "slim" versions of those images containing only necessary stuff. I've considered creating some of them for "Alpine Linux" as well, but our startup scripts are incompatible with Alpine (there is no BASH by default).
JDK11 images are slightly larger than JDK8 images but I've not found any issues with them (most likely different packages are installed on the base image from OpenJDK).
You can build and run those images on your machine having docker installed with the following commands:
Tigase 8.0.0 on JDK 8
docker build -t tigase:8.0.0-jdk8-slim -f 8.0.0/jdk-8/slim/Dockerfile --no-cache 8.0.0/ docker run -d -t -v /Users/andrzej/Development/runtime/docker-test/etc/:/home/tigase/tigase-server/etc/ -e DB_ROOT_USER=root -e DB_ROOT_PASS=me-262 -p 5222:5222 -p 8080:8080 --name test1 tigase:8.0.0-jdk8-slim
Tigase 8.0.0 on JDK 11
docker build -t tigase:8.0.0-jdk11-slim -f 8.0.0/jdk-11/slim/Dockerfile --no-cache 8.0.0/ docker run -d -t -v /Users/andrzej/Development/runtime/docker-test/etc/:/home/tigase/tigase-server/etc/ -e DB_ROOT_USER=root -e DB_ROOT_PASS=me-262 -p 5222:5222 -p 8080:8080 --name test1 tigase:8.0.0-jdk11-slim
Tigase 8.1.0-SNAPSHOT (latest) on JDK 8
docker build -t tigase:latest-jdk8-slim -f latest/jdk-8/slim/Dockerfile --no-cache latest/ docker run -d -t -v /Users/andrzej/Development/runtime/docker-test/etc/:/home/tigase/tigase-server/etc/ -e DB_ROOT_USER=root -e DB_ROOT_PASS=me-262 -p 5222:5222 -p 8080:8080 --name test1 tigase:latest-jdk8-slim
Tigase 8.1.0-SNAPSHOT (latest) on JDK 11
docker build -t tigase:latest-jdk11-slim -f latest/jdk-11/slim/Dockerfile --no-cache latest/ docker run -d -t -v /Users/andrzej/Development/runtime/docker-test/etc/:/home/tigase/tigase-server/etc/ -e DB_ROOT_USER=root -e DB_ROOT_PASS=me-262 -p 5222:5222 -p 8080:8080 --name test1 tigase:latest-jdk11-slim
Dockerfiles are filled with comments to make them easier to understand and use.
I've added README.md file as well with the description of parameters provided by those images. I've skipped parameter defined by docker as most of docker users known them already.
In the README file and in the examples above I've used
tigase
as name of the image, but I'm not sure iftigase-xmpp-server
would not be a better fit. %kobit What do you think? If change is needed then you only need to replacetigase:
in the above commands withtigase-xmpp-server
. To publish on the Docker Hub, name will be used from the name registered on the Docker Hub, so still some adjustments may be needed. -
Below is an example usage of those images for creating a cluster on the macOS with cluster connections created on the separate inner network (required on macOS).
Creating network
tigase-cluster
Creating container
tigase-c1
and connecting to networktigase-cluster
docker run -d -t \ -v /Users/andrzej/Development/runtime/tigase-cluster/etc/:/home/tigase/tigase-server/etc/ \ -v /Users/andrzej/Development/runtime/tigase-cluster/c1/certs/:/home/tigase/tigase-server/certs/ \ -v /Users/andrzej/Development/runtime/tigase-cluster/c1/logs:/home/tigase/tigase-server/logs/ \ -e DB_ROOT_USER=root \ -e DB_ROOT_PASS=root-pass \ --net bridge \ -p 5222:5222 \ -p 5269:5269 \ -p 8080:8080 \ -p 9070:9070 \ --name tigase-c1 \ tigase:latest-jdk11-slim docker network connect tigase-cluster tigase-c1
Creating container
tigase-c2
and connecting to networktigase-cluster
docker run -d -t \ -v /Users/andrzej/Development/runtime/tigase-cluster/etc/:/home/tigase/tigase-server/etc/ \ -v /Users/andrzej/Development/runtime/tigase-cluster/c2/certs/:/home/tigase/tigase-server/certs/ \ -v /Users/andrzej/Development/runtime/tigase-cluster/c2/logs:/home/tigase/tigase-server/logs/ \ -e DB_ROOT_USER=root \ -e DB_ROOT_PASS=root-pass \ --net bridge \ -p 5322:5222 \ -p 5369:5269 \ -p 8380:8080 \ -p 9370:9070 \ --name tigase-c2 \ tigase:latest-jdk11-slim docker network connect tigase-cluster tigase-c2
Restarting instances
After first creation it is nice to restart instances to make them see new network
Now you should have working Tigase XMPP Cluster in Docker with 2 instances.
I've used here same config (
etc
) directory for both instances to make sure that both of them have the same config. Cluster config is usually provided by me and edited directly on the host machine.tigase-c2
uses different ports as we are mapping those on the host, so they cannot use the same port. On Linux, it is possible to attach containers as a new machine to the same network to which host is connected, which make setups like that (without changing/mapping ports) a lot more useful.I'm posting those here as an introduction to setting up those images on Docker and a base for ie. tutorial on "How to set Tigase Cluster on Docker?".
I'm personally using those for testing of clustering issues. Port
9070
is a port on which I'm running debugger for easy analysis of the issues. -
A couple of comments and changes I made:
- I don't think we should link
latest
to nightly - most of the timelatest
is used to denote the most up-to-date stable (and it's used by default if no tag is provided) - changed the structure and simplified tags:
Dockerfile
is not directly in version main subdirectory and possible flavour can go deeper. I also removed (suggested) tags indicating base image. I opted to changetigase
totigase-xmpp-server
(and renamed repository accordingly: tigase-xmpp-server-docker - from what I checked there wasn't any links pointing to it) - changed base image from
jdk11-slim
tojre11-slim
- in theory they don't build proper JRE nowadays, but still jre-flavoured distribution is available (mostly lacking JDK sources and compiler, see 11-jdk-slim and 11-jre-slim) but it's way smaller than JDK and effective Tigase image is roughly half the size (247MB vs 444MB) - changed and extended Readme with some example configuration, removed disclaimer about production status
- created DockerHub repository and filled it out with information as well as published current versions (https://hub.docker.com/r/tigase/tigase-xmpp-server)
- created TC job to build and publish nightlies: https://tc.tigase.net/buildConfiguration/PublicProjects_TigaseXmppServerDocker_Build (had to create additional account
tigaseteam
as TC requires entering credentials)
- created TC job to build and publish nightlies: https://tc.tigase.net/buildConfiguration/PublicProjects_TigaseXmppServerDocker_Build (had to create additional account
- I don't think we should link
-
- I don't think we should link
latest
to nightly - most of the timelatest
is used to denote the most up-to-date stable (and it's used by default if no tag is provided)
Well,
latest
is usually newest version and never should be considered stable as it may be changed (replaced with newer, even incompatible, version) without any warning. (https://vsupalov.com/docker-latest-tag/)- changed the structure and simplified tags:
Dockerfile
is not directly in version main subdirectory and possible flavour can go deeper. I also removed (suggested) tags indicating base image. I opted to changetigase
totigase-xmpp-server
(and renamed repository accordingly: tigase-xmpp-server-docker - from what I checked there wasn't any links pointing to it)
As for "flattening" I'm not sure if we should do that. What if we would like to introduce new flavors? (ie. new JDK?)
- changed base image from
jdk11-slim
tojre11-slim
- in theory they don't build proper JRE nowadays, but still jre-flavoured distribution is available (mostly lacking JDK sources and compiler, see 11-jdk-slim and 11-jre-slim) but it's way smaller than JDK and effective Tigase image is roughly half the size (247MB vs 444MB)
Is groovy working? I'm asking as it requires compiler...
- I don't think we should link
-
Well, latest is usually newest version and never should be considered stable as it may be changed (replaced with newer, even incompatible, version) without any warning. (https://vsupalov.com/docker-latest-tag/)
"stable" as in "stable release" (i.e. general-availably as opposed to nightly).
latest
is just a tag that denotes the "latest release" and in case of the most popular images (mysql, postgres, mongo, redis and node)latest
does seem to point to the latest stable release. Most of the time images don't even publish betas, not to mention nightlies. Hence, I'd say that renaminglatest
directory tonightlies
(which points to our nightlies) does make sense (and seems in line with the article you shared…).As for "flattening" I'm not sure if we should do that. What if we would like to introduce new flavors? (ie. new JDK?)
Then we can add it as sub-directory if (and when) needed? For example postgres follows this pattern and IMHO it makes sense.
Is groovy working? I'm asking as it requires compiler...
Yes, it does :-)
There is one thing I'm slightly concerned about, namely running
upgrade-schema
on each startup. In principle the idea is good but, due to #server-1184, on the first startup there is na "nasty" exception, which can make for a bad impression:wojtek@atlantiscity.local ~/dev/tigase/tigase-xmpp-server-docker $ docker run --name tigase-server -p 8080:8080 -p 5222:5222 tigase/tigase-xmpp-server Upgrading database schema... Aug 11, 2020 1:40:19 PM tigase.db.util.SchemaManager loadSchemas INFO: beginning loading schema files... Aug 11, 2020 1:40:19 PM tigase.util.dns.DNSResolverDefault <init> WARNING: Resolving default host name: 493f161491be took: 16 Aug 11, 2020 1:40:20 PM tigase.db.util.SchemaManager main SEVERE: Error while loading schema java.lang.NullPointerException at tigase.db.util.SchemaManager.getDataSources(SchemaManager.java:701) at tigase.db.util.SchemaManager.getRepositories(SchemaManager.java:723) at tigase.db.util.SchemaManager.getDataSourcesAndSchemas(SchemaManager.java:422) at tigase.db.util.SchemaManager.loadSchemas(SchemaManager.java:450) at tigase.db.util.SchemaManager.loadSchemas(SchemaManager.java:630) at tigase.db.util.SchemaManager.upgradeSchema(SchemaManager.java:362) at tigase.util.ui.console.Task.execute(Task.java:59) at tigase.db.util.SchemaManager.execute(SchemaManager.java:228) at tigase.db.util.SchemaManager.main(SchemaManager.java:182) Starting Tigase XMPP Server... Running Tigase: componentInfo{Title=Tigase XML Tools, Version=4.1.0-b287/028d0a0a, Class=tigase.xml.XMLUtils} componentInfo{Title=Tigase Utils, Version=4.1.0-b437/a3e8f636, Class=tigase.util.ClassUtil} componentInfo{Title=Tigase XMPP Server, Version=8.1.0-b5641/99fb6fd4, Class=tigase.server.XMPPServer} componentInfo{Title=Tigase XMPP Server Distribution, Version=8.1.0-b10857/dbf58aae, Class=tigase.dist.XmppServerDist} [2020-08-11 13:40:20:821] [FINEST ] [ main ] OldConfigHolder.detectPathAndFormat(): No property file not specified! Using default one etc/init.properties [2020-08-11 13:40:20:905] [FINEST ] [ main ] OldConfigHolder.detectPathAndFormat(): Provided property file /home/tigase/tigase-server-8.1.0-b10857/etc/init.properties does NOT EXISTS! Trying to use default one etc/init.properties [2020-08-11 13:40:20:914] [CONFIG ] [ main ] ConfigHolder.loadFromDSLFiles() : Loading configuration from file: etc/config.tdsl [2020-08-11 13:40:20:968] [CONFIG ] [ main ] ConfigHolder.loadConfiguration() : Loaded configuration: 'config-type' = 'setup' http () { setup () { 'admin-password' = 'tigase' 'admin-user' = 'admin' } } …
Of course NPE will be fixed, but this would be at best 8.1.1. I was thinking that in the startup script we could add a check whether
upgrade-schema
should indeed be run (either checking if this is a setup mode, i.e.'config-type' = 'setup'
or if there aredataSource
's present) -- what do you think @andrzej.wojcik? -
NPE fixed and article published on blog (https://tigase.net/tigase-meets-docker/) and social media.
-
@kobit 5223 is for "legacy SSL" but also for newest (and fastest) DirectTLS
-
@kobit Port list is already there (https://docs.tigase.net/tigase-server/master-snapshot/Administration_Guide/html/#_ports_description) though it lacks proper description for 5223 (DirectTLS). I updated it slightly: https://github.com/tigase/tigase-server/commit/73b9e7d2e8ea2003159144a924507ec59d44dbfc
-
I was talking about README page on GitHub: https://github.com/tigase/tigase-xmpp-server-docker This is the first and usually the only place people look for instructions.
-
In the readme we have this section "Exposing ports". And for 5223 we have "connections over TLS/SSL". For 5222 there is no indication of connection type, so it may leave impression that this is only for plain text connections. So I would just update what we have to something like this:
- 5222 - for incoming client to server XMPP connections over TLS or Plain
- 5223 - for incoming client to server XMPP connections over DirectTLS or Legacy SSL
and so on...
I would be even inclined to drop "Plain" option at all from documentation as it may give impression that Tigase is not secure.
Type |
New Feature
|
Priority |
Blocker
|
Assignee | |
RedmineID |
8675
|
Version |
tigase-server-8.2.0
|
configuration to prepare docker imageconfigure deployment of images/configuration to public repository/repositoriesdocumentation how to use Tigase docker image, including handling configuration and updating installation to newer version.