Skip to main content

Deploying a SpringBoot App with an application.properties using a docker-composer.yml file and limiting resources

We saw how to deploy a Spring Boot application with its application.properties plus a .p12 key using  an SSL certificate to secure Apache Tomcat or Netty in here https://springboot-vuejs-reactjs.blogspot.com/2019/12/springboot-with-applicationproperties.html

now let's do the same thing but using a docker-composer.yml with volumes instead of using images
so that this is going to give us the advantage about updating the .jar application and restarting the container without rebuilding the whole image.

let's create a folder in which you are going to have your .jar app, the application.properties and .p12 key to secure with SSL your SpringBoot app and any other files you need to run your application,
as in the previous post if you need a mini SpringBoot app to test it, grab this https://github.com/juandavidmarin368/SpringBoot-Docker

I've got a domain name with the one I do the tests with SSL and it is http://sslbackendtest.xyz/
I've created a file inside that folder called service_one.yml and this is what let run the java app on a docker container

javaapp:

  image: openjdk:8
  container_name: service_one
  ports:
      - '7075:7075'
  volumes:
      - /Data/service_1:/Data/service_1
  working_dir: /Data/service_1
  command: "java -jar PersisterDataDocker-0.0.1-SNAPSHOT.jar"
.







this is an application.properties to have SSL on SpringBoot


server.port:7075

server.ssl.enabled=true
security.require-ssl=true
server.ssl.key-store=sslbackendtest_xyz.p12
server.ssl.key-store-password=2k$C8=HJDHs4qQ/<
server.ssl.key-alias=sslbackendtest.xyz
server.ssl.key-password=2k$C8=HJDHs4qQ/<

spring.datasource.driver = com.mysql.jdbc.Driver
spring.datasource.url = jdbc:mysql://172.30.0.1:3306/docker?serverTimezone=UTC
spring.datasource.username = datbaseUser
spring.datasource.password = TjH=yrt/2-fgdS2454-
spring.datasource.driver-class-name=com.mysql.jdbc.Driver

now to run it and to see in action on the console in order to check if everything worked OK, run this 
docker-compose -f service_one.yml up

now to run int in Detached mode or in the background run this:
docker-compose -f service_one.yml up -d

to see the containers running docker container ls

if you've got a new .jar version of the same app, just replace in the host folder the jar by the new one
and run docker container restart service_one 
service_one was the name given to the container if you need to stop it run
docker container stop service_one

LIMITING RESOURCES TO THE DOCKER CONTAINER

what about if you need to give it limited resources to the container because of many reasons, 
for instance what about if your application starts taking the whole ram memory and the whole processors you've got?, it would get the whole OS host down, and to avoid that if we've identified which services are taking a lot of resources by limiting their resources.

I am using Docker-compose 3 for the purpose of the example and it is as easy as adding  this block of
instructions
  deploy:
    resources:
        limits:
          cpus: "0.4"
          memory: 400M
in which I am saying the application is going to use 40% of the whole CPUs and 400Mb ram memory

version: '3'
services:
 java:
  image: openjdk:8
  container_name: service_one
  deploy:
    resources:
        limits:
          cpus: "0.4"
          memory: 400M

  ports:
      - '7075:7075'
  volumes:
      - /Data/service_1:/Data/service_1
  working_dir: /Data/service_1
  command: "java -jar PersisterDataDocker-0.0.1-SNAPSHOT.jar"


now let's test it in Linux Centos 7 as the host OS

1: let's run the docker-compose  /usr/local/bin/docker-compose --compatibility -f service_one.yml up
2: let's open 2 more terminals on the host OS
3: in one of the terminals let's go to the container shell with this command
docker exec -it --user root service_one bash we are now logged in as root into the container service_one 
once we are there let's run apt-get update && apt-get install stress and after it has ended up let's run 
stress --cpu 8 --io 2 --vm 1 --vm-bytes 300mb 
with the last instruction, we are using the binary stress with the one we are simulating the resources of the CPU and ram memory in this case we are saying to it, take the whole permitted CPU and around 300mb
4: let's open another terminal in the host OS and let's run yum install htop after that run htop


We can see now how the whole CPU is being used around 40% plus taking approximately the ram memory we allow to use it 




Labels:

Comments

Post a Comment

Popular posts from this blog

How to deploy a VueJS App using Nginx on Ubuntu

There are thousands of blogs and websites out there explaining how to do a hello world and how to start with VueJS, but in this little post, I’m just going to be explaining how to do deploy a VueJs app after you have run the command through the CLI npm run build . So when you run the command npm run build a dist folder is created and that folder’s got the essential .js files to run our app, when we want to run our app on an Nginx server by default the vue-router is not going to work well so that Nginx does not come ready to work by default with a VueJs app This is basically for a Linux Ubuntu distribution if you’ve got any other Linux distribution just pay attention where is going to be set the www/html folder and the Nginx settings so that this is useful for any Linux distribution  Install and configure nginx sudo apt install nginx Double check to make sure the nginx service is running with command service nginx status, then open your browser and enter url
1 comment
Read more

How to secure SpringBoot with SSL and Tomcat or Undertow

when we are going to take our applications to production mode, we must have an SSL certificate for the FrontEnd and   BackEnd too, in this case, our backend is a  SpringBoot which is using a tomcat embedded server. Terminology TLS vs SSL TLS is the successor to SSL. It is a protocol that ensures privacy between communicating applications. Unless otherwise stated, in this document consider TLS and SSL as interchangable. Certificate (cert) The public half of a public/private key pair with some additional metadata about who issued it etc. It may be freely given to anyone. Private Key A private key can verify that its corresponding certificate/public key was used to encrypt data. It is never given out publicly. Certificate Authority (CA) A company that issues digital certificates. For SSL/TLS certificates, there are a small number of providers (e.g. Symantec/Versign/Thawte, Comodo, GoDaddy, LetsEncrypt) whose certificates are included by most browsers and Operating System
2 comments
Read more

How to do pagination SpringBoot with Jbctemplate, MySQL

We are going to be working on a topic which is a basic need when doing any app, and it is Pagination. let's get started creating a product table at https://mockaroo.com/ create table products ( id INT, name VARCHAR(50), code VARCHAR(50) ); insert into products (id, name, code) values (1, 'Hettinger-Goyette', '42549-680'); insert into products (id, name, code) values (2, 'Konopelski-Klein', '49527-724'); insert into products (id, name, code) values (3, 'Smitham, Kuhlman and Balistreri', '53238-003'); insert into products (id, name, code) values (4, 'Hettinger, Weissnat and Goodwin', '0143-9916'); insert into products (id, name, code) values (5, 'Rowe Inc', '42291-898'); insert into products (id, name, code) values (6, 'Ernser-Hauck', '10544-617'); insert into products (id, name, code) values (7, 'Maggio and Sons', '68788-9087'); insert into products (id, name,
Post a Comment
Read more