Agola - Run with docker-compose

Howto
1

Hi guys!

I want to run Agola with docker-compose and tried to stitch a compose file together with all the info floating around in the web. The resulting compose looks like this:

version: '3.8'

services:
    minio:
        image: minio/minio
        restart: unless-stopped
        volumes:
            - minio-data:/configstore
        expose:
            - 9000
        environment:
            MINIO_ACCESS_KEY: <SOME_ACCESS_KEY>
            MINIO_SECRET_KEY: <SOME_SECRET_ACCESS_KEY>
        command: minio server /configstore
        healthcheck:
            test: ["CMD", "curl", "-f", "http://localhost:9000/minio/health/live"]
            interval: 30s
            timeout: 20s
            retries: 3

    etcd:
        image: quay.io/coreos/etcd
        restart: unless-stopped
        volumes:
            - etcd-data:/etcd-data
        command: ["/usr/local/bin/etcd",
                  "--name", "agola-etcd",
                  "--data-dir", "/etcd-data",
                  #"--listen-client-urls", "http://0.0.0.0:2379",
                  #"--initial-cluster-state", "new,"
                  "--initial-cluster-token", "agola-etcd-1"]

    agola:
        image: sorintlab/agola:latest
        restart: unless-stopped
        volumes:
            - /var/run/docker.sock:/var/run/docker.sock
            - ./config.yml:/config.yml
            - agola-data:/data/agola
            - agola-tmp:/tmp/agola
        expose:
            - 8000
        networks:
            - default
            - proxy
        command: ["serve",
                  "--components", "all-base,executor",
                  "--config", "/config.yml"]
        depends_on:
            - minio
            - etcd


volumes:
    minio-data:
    agola-data:
    agola-tmp:
    etcd-data:

networks:
    proxy:
        external: true

Don’t worry about the missing port mappings, i shouldn’t need them, as i am using Traefik as proxy.
My config file:

gateway:
    # The gateway api exposed url to client
    apiExposedURL: "https://cd.some-domain.dev"
    # The web interface exposed url to client, usually the same as the api
    # exposed url but you can separate the api url from the web url
    webExposedURL: "https://cd.some-domain.dev"
    # The run service url (use a load balancer when having multiple run services)
    runserviceURL: "http://localhost:4001"
    # The config store url (use a load balancer when having multiple run services)
    configstoreURL: "http://localhost:4002"
    # The agola internal git server url (currently only a single instance is supported)
    gitserverURL: "http://localhost:4003"

    # web server config
    web:
      listenAddress: ":8000"
      # use TLS (https)
      #tls: true
      # TLSCert is the path to the pem formatted server certificate. If the
      # certificate is signed by a certificate authority, the certFile should be
      # the concatenation of the server's certificate, any intermediates, and the
      # CA's certificate.
      #
      #tlsCertFile: "/path/to/certfile"

      # Server cert private key
      #
      #tlsKeyFile: "/path/to/certkeyfile"

      # CORS allowed origins
      # Enable if the web ui is on a different host:port than the gateway api
      #allowedOrigins: "*"

    # token signing configuration
    tokenSigning:
      # token duration (defaults to 12 hours)
      #duration: 12h

      # hmac or rsa (if possible use rsa)
      method: hmac
      # key to use when signing with hmac
      key: SOME_KEY=

      # paths to the private and public keys in pem encoding when using rsa signing
      #privateKeyPath: /path/to/privatekey.pem
      #publicKeyPath: /path/to/public.pem

    # admin token, token to use to do super user agola administration
    adminToken: "SOME_TOKEN"

  scheduler:
    runserviceURL: "http://localhost:4001"
notification:
  webExposedURL: "https://cd.some-domain.dev"
  runserviceURL: "http://localhost:4001"
  configstoreURL: "http://localhost:4002"

  # etcd client configuration
  etcd:
    endpoints: "http://etcd:2379"
    # etc client tls config
    #tlsCertFile
    #tlsKeyFile
    #tlsCAFile
    #tlsSkipVerify

configstore:
  dataDir: /data/agola/configstore

  etcd:
    endpoints: "http://etcd:2379"

  objectStorage:
    # posix based object storage. It requires a shared posix fs like nfs, chepfs etc...
    #
    #type: posix
    #path: /data/agola/configstore/ost

    # s3 based object storage
    type: s3
    # example with minio
    endpoint: "http://minio:9000"
    bucket: configstore
    accessKey: SOME_ACCESS_KEY
    secretAccessKey: SOME_SECRET_ACCESS_KEY

  web:
    listenAddress: ":4002"

runservice:
  debug: true
  dataDir: /data/agola/runservice
  etcd:
    endpoints: "http://etcd:2379"
  objectStorage:
    # posix based object storage. It requires a shared posix fs like nfs, chepfs etc...
    #
    #type: posix
    #path: /data/agola/configstore/ost

    # s3 based object storage
    type: s3
    # example with minio
    endpoint: "http://minio:9000"
    bucket: runservice
    accessKey: SOME_ACCESS_KEY
    secretAccessKey: SOME_SECRET_ACCESS_KEY

  web:
    listenAddress: ":4001"

executor:
  # local data directory
  dataDir: /data/agola/executor
  # The directory containing the toolbox compiled for the various supported architectures
  toolboxPath: ./bin
  runserviceURL: "http://localhost:4000"
  web:
    listenAddress: ":4001"
  activeTasksLimit: 2
  driver:
    type: docker
  # allow to run privileged containers
  allowPrivilegedContainers: false

gitserver:
  # local data directory
  dataDir: /data/agola/gitserver
  gatewayURL: "http://localhost:8000"

  web:
    listenAddress: ":4003"

When i run this with docker-compose up -d i get following errors in my logs:

agola_1  | 2020-08-25T09:00:09.187Z     FATAL   cmd/serve.go:60 err: failed to start run service scheduler: failed to create s3 object storage: cannot check if bucket "runservice" in location "" exits: Server not initialized, please try again.

agola_1  | 2020-08-25T09:00:11.091Z     WARN    executor/executor.go:1149       err: Get http://localhost:8001/api/v1alpha/executor/3bef00da-d646-49aa-b38a-49503954dc9c/tasks: dial tcp 127.0.0.1:8001: connect: connection refused
agola_1  | 2020-08-25T09:00:11.091Z     ERROR   executor/executor.go:1131       err: Get http://localhost:8001/api/v1alpha/executor/3bef00da-d646-49aa-b38a-49503954dc9c/tasks: dial tcp 127.0.0.1:8001: connect: connection refused
agola_1  | 2020-08-25T09:00:11.091Z     ERROR   scheduler/scheduler.go:116      err: failed to get running runs:
agola_1  |     agola.io/agola/internal/services/scheduler.(*Scheduler).approve
agola_1  |         /agola/internal/services/scheduler/scheduler.go:133
agola_1  |   - Get http://localhost:8001/api/v1alpha/runs?asc=&phase=running: dial tcp 127.0.0.1:8001: connect: connection refused
agola_1  | 2020-08-25T09:00:11.091Z     ERROR   scheduler/scheduler.go:42       err: failed to get queued runs:
agola_1  |     agola.io/agola/internal/services/scheduler.(*Scheduler).schedule
agola_1  |         /agola/internal/services/scheduler/scheduler.go:62
agola_1  |   - Get http://localhost:8001/api/v1alpha/runs?asc=&phase=queued: dial tcp 127.0.0.1:8001: connect: connection refused
agola_1  | 2020-08-25T09:00:11.109Z     ERROR   executor/executor.go:1081       err: Post http://localhost:8001/api/v1alpha/executor/3bef00da-d646-49aa-b38a-49503954dc9c: dial tcp 127.0.0.1:8001: connect: connection refused
agola_1  | 2020-08-25T09:00:12.092Z     ERROR   scheduler/scheduler.go:116      err: failed to get running runs:
agola_1  |     agola.io/agola/internal/services/scheduler.(*Scheduler).approve
agola_1  |         /agola/internal/services/scheduler/scheduler.go:133
agola_1  |   - Get http://localhost:8001/api/v1alpha/runs?asc=&phase=running: dial tcp 127.0.0.1:8001: connect: connection refused
agola_1  | 2020-08-25T09:00:12.092Z     ERROR   scheduler/scheduler.go:42       err: failed to get queued runs:
agola_1  |     agola.io/agola/internal/services/scheduler.(*Scheduler).schedule
agola_1  |         /agola/internal/services/scheduler/scheduler.go:62
agola_1  |   - Get http://localhost:8001/api/v1alpha/runs?asc=&phase=queued: dial tcp 127.0.0.1:8001: connect: connection refused

I can’t seem to get it running with that. I also tried changing the ports to something above 9000 to make sure that the connection is not refused because of some permissions problems and i also tried to expose all services ports at the docker-compose agola service, with no effect. Do you maybe have an idea what i am doing wrong?

1 Like
2

runservice and configstore services can’t reach etcd over default network because etcd service is listening only on localhost.
I added these lines to docker-compose file and it works:

              "--listen-client-urls", "http://0.0.0.0:2379",
              "--advertise-client-urls", "http://0.0.0.0:2379",
3

Oh man…silly me :man_facepalming:
Thanks for pointing that out!

4

Do you maybe also know if there is a way to specify a remotesource with env vars, so that i can add that to the compose file. Or if it is possible to configure a remotesource in the config.yml?

And…would you accept a PR that adds the compose file as an example?

5

Do you maybe also know if there is a way to specify a remotesource with env vars, so that i can add that to the compose file. Or if it is possible to configure a remotesource in the config.yml ?

No, as far as I know the only way to create a remotesource is via agola CLI.

I’ve created a Vagrant machine to host an all-in-one Agola demo. Docker-compose file is is similar to your but it adds gitea and a custom container to configure remotesource, users, tokens, repos, etc.
Give it a look, maybe you can find some part that fits your needs.

And…would you accept a PR that adds the compose file as an example?

I’m not the owner of this project so I can’t merge PRs but I think they are always welcomed.

6

Great, thanks for the info!