Deploy Traderx

cleanup.sh

#!/bin/bash

sudo rm -rf /var/log/journal/*

sudo docker system prune -a -f

sudo docker rm -v $(sudo docker ps -a -q -f status=exited)
sudo docker rmi -f  $(sudo docker images -f "dangling=true" -q)
docker volume ls -qf dangling=true | xargs -r docker volume rm

deploy-traderx.md

Install (and start) Docker

sudo yum install docker
sudo usermod -a -G docker ec2-user
id ec2-user
newgrp docker
sudo systemctl enable docker.service
sudo systemctl start docker.service

Install Docker compose

wget https://github.com/docker/compose/releases/latest/download/docker-compose-$(uname -s)-$(uname -m)
sudo mv docker-compose-$(uname -s)-$(uname -m) /usr/local/bin/docker-compose
sudo chmod -v +x /usr/local/bin/docker-compose

Define cleanup and deploy scripts (below)

chmod +x ~/*.sh

Install cron

sudo yum install cronie -y
sudo systemctl enable crond.service
sudo systemctl start crond.service
crontab -e

Add:

0 5      *   *   *      ec2-user /home/ec2-user/deploy-traderx.sh
0 6      *   *   *      root    sudo /sbin/shutdown -r +5
0 0,12   *   *   *      root    /usr/bin/python3 -c 'import random; import time; time.sleep(random.random() * 3600)' && sudo certbot renew -q

Install Letsencrypt

wget https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
sudo rpm -ihv --nodeps ./epel-release-latest-8.noarch.rpm
sudo yum install nginx
sudo systemctl enable nginx.service
sudo pip3 install certbot certbot-nginx
sudo /home/ec2-user/.local/bin/certbot --nginx -d demo.traderx.finos.org  --agree-tos -m [email protected]
vi /etc/nginx/nginx.conf # set server_name to demo.traderx.finos.org
# Add the following under "server"
# location /ng-cli-ws {
#     proxy_pass http://localhost:8080/ng-cli-ws;
#     proxy_http_version 1.1;
#     proxy_set_header Upgrade $http_upgrade;
#     proxy_set_header Connection "upgrade";
# }
# 
# location /trade-feed/  {
#     proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#     proxy_set_header Host $http_host;
# 
#     proxy_pass http://localhost:8080/trade-feed/;
# 
#     proxy_http_version 1.1;
#     proxy_set_header Upgrade $http_upgrade;
#     proxy_set_header Connection "upgrade";
# 
# }
# 
# location /socket.io/ {
#     proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#     proxy_set_header Host $http_host;
# 
#     proxy_pass http://localhost:8080/socket.io/;
# 
#     proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
}

# location / {
#   proxy_pass http://localhost:8080/;
# }

Checkout traderx

PAT="<github token>" git clone https://[email protected]/finos/traderx.git
cd traderx

Run traderx

TRADERX_FQDN="demo.traderx.finos.org" docker-compose up --build -d

Note that the Angular frontend can take up to 7 minutes to start and be ready to serve requests; until then, you will get a 504 Gateway Time-out error when loading the website.

To debug, use the following commands:

• docker ps
• watch docker logs traderx-web-front-end-angular-1
• watch docker logs traderx-ingress-1

Networking

Add security group, enable inbound connections to ports 80 and 443 for 0.0.0.0/0 ; for debugging purposes, you may also want to open ports 8080, 18084, 18085, 18086, 18088, 18089, 18090, 18091, 18092, 18093, 18094.

Links

• https://aaron-janes.medium.com/secure-your-amazon-ec2-instance-with-lets-encrypt-ssl-in-just-3-lines-of-code-a-step-by-step-b3fc99d11415
• https://docs.nginx.com/nginx/admin-guide/web-server/reverse-proxy/

deploy-traderx.sh

#!/bin/bash

/home/ec2-user/cleanup.sh
cd /home/ec2-user/traderx
git pull
# docker-compose down
TRADERX_FQDN="demo.traderx.finos.org" docker-compose up --build -d

upgrade.md

cd traderx
git pull
docker-compose down
/home/ec2-user/cleanup.sh
TRADERX_FQDN="demo.traderx.finos.org" docker-compose up --build -d