diff --git a/subjects/devops/play-with-containers/README.md b/subjects/devops/play-with-containers/README.md new file mode 100644 index 000000000..08219afb9 --- /dev/null +++ b/subjects/devops/play-with-containers/README.md @@ -0,0 +1,88 @@ +## play-with-containers + +![Microservices](pictures/Microservices.png) + +### Objectives + +This project aims to discover the container concepts and tools, and practice these tools by creating a microservices architecture with docker and docker-compose. Additionally, as a cloud and DevOps student, you will gain insight into key containers and docker concepts as follows: + +- `Containers`, is a unit of software that packages code and its dependencies so the application runs quickly and reliably across computing environments. +- `Docker`, is a set of "platform as a service" products that use OS-level virtualization to deliver software in packages called containers. +- `Dockerfile`, is a text document that contains all the commands a user could call on the command line to assemble an image. +- `Docker Images`, is a read-only template that contains a set of instructions for creating a container that can run on the Docker platform. +- `Docker Networks`, it's enables a user to link a Docker container to as many networks as he/she requires. +- `Docker Volumes`, Volumes are the preferred mechanism for persisting data generated by and used by Docker containers. +- `Docker Compose`, Compose is a tool for defining and running multi-container Docker applications. With Compose, you use a YAML file to configure your application's services. + +### Tips + +- Spend time on the theory before rushing into the practice. +- Read the official documentation of docker. + +> Any lack of understanding of the concepts of this project may affect the difficulty of future projects, Take your time to understand all concepts. + +> Be curious and never stop searching! + +> Each operation in Dockerfile is a layer in the image, You must design it appropriately to avoid duplicate or useless layers in the image. + +> It is not recommended to use 'latest' in your Dockerfile, instead of that you can specify the version in the tag, + +### Instructions + +You have to install docker in your Linux virtual machine. + +> You will need it in the audit. + +You have to implement this architecture: +![architecture](pictures/architecture.png) + +You will use the services you developed in the `crud-master` project, otherwise, you can use our services: `crud-master solution` + +You are required to create `Dockerfiles` for each service and call them in your `docker-compose.yml` (Each service should have its container for optimal performance.). +To ensure performance, the containers should be created from the penultimate stable version of either `Alpine` or `Debian`, depending on your preference. +The corresponding service and Docker image must share the same name. +This implies that you must build your project's Docker images and are not allowed to use pre-built Docker images or services like DockerHub, except for `Alpine` and `Debian`. + +#### Docker Containers: + +- `inventory-database container` is a SQL database server that contains your inventory database, it must be accessible via port `5432`. +- `billing-database container` is a SQL database server that contains your billing database, it must be accessible via port `5432`. +- `inventory-app container` is a Node.Js server that contains your inventory-app code running and connected to the inventory database and accessible via port `8080`. +- `billing-app container` is a Node.Js server that contains your billing-app code running and connected to the billing database and consuming the messages from the RabbitMQ queue, and it can be accessible via port `8080`. +- `RabbitMQ container` is a RabbitMQ server that contains the queue +- `api-gateway-app container` is a Node.Js server that contains your api-gateway-app code running and forwarding the requests to the other services and it's accessible via port `3000`. + +> Containers must be restarted in case of failure! + +#### Docker Volumes: + +- `inventory-database volume` contains your inventory database. +- `billing-database volume` contains your billing database. +- `api-gateway-app volume` contains your Api gateway logs. + +#### Docker Network: + +- You must have a docker network that establishes the connection between all services inside your docker host. +- Any outside request must be able to access only the `api-gateway-app` via port `3000`. + +> All resources in your infrastructure must be targeted and managed by docker-compose. + +> You don't have to push your credentials and passwords to your repo, the credentials and passwords must be in the `.env` file, and this file must be ignored in the `.gitignore` file +> Don't push your passwords to Git, unless you want to throw a thief's party with free drinks and no bouncers on duty! + +### Documentation + +You must push a `README.md` file contains full documonation of your solution (Prerequisites, Configuration, Setup, Usage, ...). + +### Bonus + +If you complete the mandatory part successfully and you still have free time, you can implement anything that you feel deserves to be a bonus. + +Challenge yourself! + +### Submission and audit + +You must submit the `README.md` file and all files used to create and delete and manage your infrastructure: docker-compose, Dockerfiles, scripts,... + +> The infrastructure must be able to be created, deleted, and managed only by docker-compose. +> In the audit you will be asked different questions about the concepts and the practice of this project, prepare yourself! diff --git a/subjects/devops/play-with-containers/audit/README.md b/subjects/devops/play-with-containers/audit/README.md new file mode 100644 index 000000000..323d3a81b --- /dev/null +++ b/subjects/devops/play-with-containers/audit/README.md @@ -0,0 +1,230 @@ +#### General + +##### Check the Repo content + +A `README.md` file and all files used to create and delete and manage the student infrastructure must be submitted in the repo. + +###### Are all the required files present? + +###### `.env` file is not exists in the repo? + +###### Are all pushed files in the repo clean of any credentials or passwords? + +##### Ask the following questions to the group or student + +###### What are containers and what are their benefits of it? + +###### What is the difference between containers and virtual machines? + +###### What is docker and what is its main role of it? + +###### Did the student reply correctly to the questions? + +##### Check the Student Documentation +The Documentation must exists in the `README.md` file! + +###### Did the README.md file contains the all required information about the solution(Prerequisites, Configuration, Setup, Usage, ...)? + +##### Check the student infrastructure: + +The student must implement this architecture: +![architecture](../pictures/architecture.png) + +##### Run the student infrastructure: + +```console +user:~$ docker-compose up +<...> +inventory-database ... done +billing-database ... done +inventory-app ... done +billing-app ... done +RabbitMQ ... done +api-gateway-app ... done +<...> +user:~$ +``` + +###### did the student respect the architecture? + +###### did the infrastructure start correctly? + +##### Ask the following questions to the group or student + +###### What is microservices architecture? + +###### Why do we use microservices architecture? + +###### What is a queue and what are its benefits of it? + +###### What is RabbitMQ? + +###### Did the student reply correctly to the questions? + +##### Verify the Dockerfiles: + +###### Is there a Dockerfile for each service? + +###### Are all Dockerfiles based on Debian or alpine? + +###### There is no sensitive data in DockerFiles or other solution files, rather it's exists in the `.env`? + +##### Ask the following questions to the group or student + +###### Explain What is a Dockerfile + +###### Explain the instructions used on the Dockerfile + +###### Did the student reply correctly to the questions? + +##### Check the Containers: + +```console +user:~$ docker ps +CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES +<...> inventory-database <...> <...> <...> 5432/tcp inventory-database +<...> billing-database <...> <...> <...> 5432/tcp billing-database +<...> inventory-app <...> <...> <...> 8080/tcp inventory-app +<...> billing-app <...> <...> <...> 8080/tcp billing-app +<...> RabbitMQ <...> <...> <...> 5672/tcp RabbitMQ +<...> api-gateway-app <...> <...> <...> 0.0.0.0:3000->3000/tcp, :::3000->3000/tcp api-gateway-app +user:~$ +``` + +- `inventory-database container` is a SQL database server that contains the inventory database, it must be accessible via port `5432`. +- `billing-database container` is a SQL database server that contains the billing database, it must be accessible via port `5432`. +- `inventory-app container` is a Node.Js server that contains the inventory-app code running and connected to the inventory database and accessible via port `8080`. +- `billing-app container` is a Node.Js server that contains the billing-app code running and connected to the billing database and consuming the messages from the RabbitMQ queue, and it can be accessible via port `8080`. +- `RabbitMQ container` is a RabbitMQ server that contains the queue +- `api-gateway-app container` is a Node.Js server that contains the api-gateway-app code running and forwarding the requests to the other services and it's accessible via port `3000`. + +##### Check the Container restart policy: + +```console +user:~$ docker inspect -f "{{ .HostConfig.RestartPolicy }}" +{on-failure 0} +user:~$ +``` + +###### Do all containers exists with the correct configuration? + +###### Do the containers configured to restart in case of failure? + +##### Check the Docker volumes: + +```console +user:~$ docker volume ls +DRIVER VOLUME NAME +<...> inventory-database +<...> billing-database +<...> api-gateway-app +user:~$ +``` + +- `inventory-database volume` contains the inventory database. +- `billing-database volume` contains the billing database. +- `api-gateway-app volume` contains the Api gateway logs. + +###### Do all volumes exist with the correct configuration? + +##### Ask the following questions to the group or student + +###### What is Docker volume? + +###### Why do we use Docker volume? + +###### Did the student reply correctly to the questions? + +##### Check the solution network: + +###### Does the connection from outside the docker host allowed only to the api-gateway-app? + +###### Is the connection to the api-gateway-app protected by SSL certification (self-signed certification is authorized)? + +##### Ask the following questions to the group or student + +###### What is the Docker network? + +###### Why do we use the Docker network? + +###### What is an SSL certification and why do we use it? + +###### Did the student reply correctly to the questions? + +##### Check the Docker images: + +```console +user:~$ docker images +REPOSITORY TAG IMAGE ID CREATED SIZE +inventory-database <...> <...> <...> <...> +billing-database <...> <...> <...> <...> +inventory-app <...> <...> <...> <...> +billing-app <...> <...> <...> <...> +RabbitMQ <...> <...> <...> <...> +api-gateway-app <...> <...> <...> <...> +user:~$ +``` + +###### Is there a Docker image for each service with the same service name? + +##### Ask the following questions to the group or student + +###### What is a Docker image? + +###### Why do we use Docker images? + +###### Where we can find some Public Docker images? + +###### Did the student reply correctly to the questions? + +##### Test The solution + +#### Inventory API Endpoints + +##### Open Postman and make a `POST` request to `http://[GATEWAY_IP]:[GATEWAY_PORT]/api/movies/` address with the following body as `Content-Type: application/json`: +```json +{ + "title": "A new movie", + "description": "Very short description" +} +``` + +###### Can you confirm the response was the success code `200`? + +##### In Postman make a `GET` request to `http://[GATEWAY_IP]:[GATEWAY_PORT]/api/movies/` address. + +###### Can you confirm the response was success code `200` and the body of the response is in `json` with the information of the last added movie? + +#### Billing API Endpoints + +##### Open Postman and make a `POST` request to `http://[GATEWAY_IP]:[GATEWAY_PORT]/api/billing/` address with the following body as `Content-Type: application/json`: +```json +{ + "user_id": "20", + "number_of_items": "99", + "total_amount": "250" +} +``` + +###### Can you confirm the response was success code `200`? + +##### Stop the billing-app container + +###### Can you confirm the `billing-app` container was correctly stopped? + +##### Open Postman and make a `POST` request to `http://[GATEWAY_IP]:[GATEWAY_PORT]/api/billing/` address with the following body as `Content-Type: application/json`: +```json +{ + "user_id": "22", + "number_of_items": "10", + "total_amount": "50" +} +``` + +###### Can you confirm the response was success code `200` even if the `billing_app` is not working? + +#### Bonus + +###### + Did the student add any optional bonus? + +###### + Is this project an outstanding project? diff --git a/subjects/devops/play-with-containers/pictures/Microservices.png b/subjects/devops/play-with-containers/pictures/Microservices.png new file mode 100644 index 000000000..fe9027ec1 Binary files /dev/null and b/subjects/devops/play-with-containers/pictures/Microservices.png differ diff --git a/subjects/devops/play-with-containers/pictures/architecture.png b/subjects/devops/play-with-containers/pictures/architecture.png new file mode 100644 index 000000000..d1bb8a8bb Binary files /dev/null and b/subjects/devops/play-with-containers/pictures/architecture.png differ