Getting django docker prod ready with jenkins (part 1 the build)

So i have some django webb projects and now its time to get my django apps prod ready with docker.
My plan is to with jenkins build my django apps (soon start a docker of the app and run some test but that will be later) make a docker image and send that to the docker cloud.

Then a can download the docker image on my prod server and start the app. I hope that this also can be triggerd from my jenkins so the flow will be

 

me ->push github master -> jenkins make build and docker image -> push up to dockercloud -> prodserver gets image and deploy to server

 

And i would like this flow to start from my push to the master branch in github. So my masterpush gets my data from dev to prod.

1. Dockerfile

 

First task is to make a dockerfile to use for my app.
In the base django app i created a folder called Docker and put the dockerfile there.

1. I use centos7 as base
2. I have e file in called req.sh that contains all my pip req for my project
3. I have i defult settings file for my django project that I use in the docker build(Match this to you own settings).

I also have the plan to mount static content from the host into the docker image so that is in the dockerfile but not activated.

 

Here is the link to my dockerfile

to build the image i use

 

sudo docker build -t mattiashem/theguide --no-cache .

And to run to test the server in DEV MODE use.

 

sudo docker  run -i -p 8080:8080 mattiashem/theguide  python /var/www/asylguiden/manage.py runserver 0.0.0.0:8080

And to run the server in prod mode use

 

docker run -d -p 8000:8000 mattiashem/theguide /var/www/asylguiden/Docker/start_prod.sh

 

I use gunicorn as prodserver for djangoproject and i have a small bash script that will start the app.

(questions about media and server check out next post when I setup the prod servers)

 

Now we should have a working docker running on our localserver lets get into the dockercloud

 

sudo docker login
sudo docker push mattiashem/theguide

 

And now we have build our app and push it to the dockercloud ready to be used.

 

2. Getting jenkins to build my app and make the dockerimage and push it upto the docker cloud.

First lets fix sudo for the jenkins user so we can use docker.

 

visudo

 

fix this make the jenkins user allow to run docker and dont req tty

 

jenkins ALL=(docker) NOPASSWD: ALL
#Defaults requiretty

 

login to the dockercloud with

 

docker login

 

 

Now the server is ready to build the dockerimage. Start i new project and make it checkout you code and set other settings.
Then in the last “exchute shell” past something like this in

 

echo "Building docker image"
 pwd
 cd Docker
 pwd
 echo "Buildning docker image"
 sudo docker build -t mattiashem/theguide --no-cache .
 sudo docker push mattiashem/theguide

 

 

This will now build the docker image and the push the new build image to the dockercloud ready to be used.

 

 

3. To to

Fix so that the jenkins server start a dockerimage and then perform some test on the new dockerbuild.

 

 

vmware to kvm (OWASP broken webb app on KVM)

So I uses kvm for my virtual server. But i got OWASP broken webb app in vmware format and its not ok.
But with the help from google i found some help to get the OWASP Broken Webb App on my kvm hosts.

I follewed the info from this page

 

http://blog.bodhizazen.net/linux/convert-vmware-vmdk-to-kvm-qcow2-or-virtualbox-vdi/

 

 

1. Download and unzip Owasp Broken Webb app to you folder (It uses 7zip for some reason)

https://www.owasp.org/index.php/OWASP_Broken_Web_Applications_Project

2. Convert you images in two steeps

qemu-img convert OWASP\ Broken\ Web\ Apps.vmdk -O qcow2 owasp.qemu

qemu-img convert owasp.qemu -O qcow2 owasp2.qemu

3. start the kvm hosts

kvm -hda owasp2.qemu -net nic -net user -m 512

 

 

And now you owasp images will boot up in kvm 🙂

OAuth2 Server on Python (with flask on Centos)

So at work we have started to look at OAuth2 for our web apps. So on our creativ friday today i started looking at putting together an OAuth2 server using python and flask.

I followed the guide from this page http://lepture.com/en/2013/create-oauth-server

And after some work I got an working server and client running on my Centos server.

The code only uses an sqlite db and are only testing the OAuth functions so for a working solutions there are some more work.

 

All info how get the server and client and code are located here on my github

https://github.com/mattiashem/python-oauth2

Starting with Go on Ubuntu

So I starting to test to use the go language for some projects. Here is how i set up go on my ubuntu laptop.

 

1. Installing go language

sudo apt-get install python-software-properties 
sudo add-apt-repository ppa:duh/golang
sudo apt-get update
sudo apt-get install golang

verify

go version

2. Getting an good IDE

I uses sublime text find if here and install it

http://www.sublimetext.com/

3. Write you first line of code in GO

Start up an new file in sublime and past this in the file (I call the file main.go)

package main

import "fmt"

// this is a comment

func main() {
    fmt.Println("Hello World")
}

Time to run it

mattias@mathem:~/Dokument/go/First$ go run main.go 
Hello World
mattias@mathem:~/Dokument/go/First$

There it is first run of go code

Here is where i now hang to learn more go

http://www.golang-book.com/2/index.htm

 

Build you first syco Module

SO from the last post you can install syco but you also need to build and update your own plugins in syco.
Here is a small guide how to build you first plugin.

Here om building some syco commands for controlling apache and glassfish server.
the commands are run from our syco-chuck release commands center so for adding them to syco i can controll the script from sudo and do some extra test before starting and stopping the service.

 

In syco/bin/public create I new file called  sycochuck.py

Add some basic python rules

#!/usr/bin/env python
'''
Sycp chuck commands to be translated to service commands.
The commands are then matched to syco-chuck release system.
'''

__author__ = "matte@elino.se"
__copyright__ = "Copyright 2014, The System Console project"
__maintainer__ = "Daniel Lindh"
__email__ = "syco@cybercow.se"
__credits__ = ["Mattias Hemmingsson"]
__license__ = "???"
__version__ = "1.0.0"
__status__ = "Production"

from general import x

So now lets start making some functions

def build_commands(commands):
 commands.add("httpd-stop", httpd_stop, help="Stopping the apache webbserver.")

This will be our build commands http-stop is the command we will call from syco.
And httpd_stop is the function is this file that we want to run when we call the syco command. So lets make the function that we want to run.

def httpd_stop(args):
 '''
 Stopping the apache webbserver
 '''
 x("service httpd stop")

And now we have all the things we need and your first syco function is done

Run syco

[root@localhost ~]# syco

In the list now this show up

hardening-ssh - Hardening SSH server and client. 
httpd-stop - stopping httpd server. 
httpd-toggle-mod-sec - Turn mod security on or off.

and if we run

[root@localhost ~]# syco httpd-stop
 System Console 0.3.0
 Command: service httpd restart
 Error: httpd: okänd tjänst
[root@localhost ~]#

As you can se we run my small funtion and the x command is i common function that run the command in bash.
Now in this server i did not have httpd server installed but you see how it works.

Now fork and start making you own scripts