Deploy using Docker Compose

Introduction

Currently, we support the use of Docker Compose to deploy the Syntho Application. We've included a Docker Compose file that will deploy all the containers necessary for the Syntho Application. The following page will outline the steps to undertake to deploy our application using Docker Compose.

Deployment steps

• Download the latest Docker Compose files from our Github repository under Releases. The file that needs to be downloaded from the release is syntho-<version>.tar.gz

• Use docker login to log into the Syntho Container Registry, or docker load to load images from files. See Syntho Documentation under Deploy Syntho -> Introduction -> Access Docker images

• Extract docker-compose.tar.gz using tar -xf syntho-<version>.tar.gz and open the extracted directory

• Copy over example.env to .env using for example the Linux command cp example.env .env

• Adjust the following variables in .env for a minimal setup:

  • LICENSE_KEY: The license key is provided by Syntho.

  • ADMIN_USERNAME, ADMIN_EMAIL and ADMIN_PASSWORD: the credentials for the admin account that can be used once the application is set up. The email and password will be needed to log in.

The .env file contains the latest image tag for all images, which is a rolling tag. Please adjust the following image tags with the tags provided by the Syntho Team to pin them to a certain version:

• RAY_IMAGE

• CORE_IMAGE

• BACKEND_IMAGE

• FRONTEND_IMAGE

To access the Backend API correctly, the domain should be set. If the application is being accessed on the same machine that deploys it, localhost should be fine for this domain. If you're using a different machine on your network, the IP address or hostname should be used for the following variables:

• FRONTEND_HOST: this should include the port as well. If port 3000 is used for the frontend, and it can be accessed on the same machine, the value would be localhost:3000. If another machine on the same network needs to access the frontend, the value will be <IP-of-deployed-machine>:3000

• FRONTEND_DOMAIN: will be either localhost or the IP of the machine running the Syntho Application

After the adjustment of these variables, the docker compose file should be ready for deployment. The documentation will continue to describe particular sections to adjust in particular cases, but at this point the Docker Compose file should be ready to deploy.

Additional information

Setting up multiple nodes requires a more detailed configuration. This setup is recommended for scalable production environments. Steps and configurations may vary depending on the specific requirements of the network and the number of nodes involved.

TLS

If an SSL certificate needs to be provided, the following environment variables need to be adjusted:

# If TLS is used, set protocol to https and secured_cookies to True
FRONTEND_PROTOCOL=https
SECURED_COOKIES="True"

By default, these values are respectively set to http and False.

Core API

Database

The credentials for the database that the Core API & Worker (core and core_worker and in the docker-compose file) use to connect are described in the following environment variables:

CORE_DATABASE_HOST=<database-host>
CORE_DATABASE_USER=<database-user>
CORE_DATABASE_PASSWORD=<database-password>
CORE_DATABASE_NAME=<database-name>

By default, these values are set to the value for the Postgres instance that is being deployed as part of the docker-compose file. If another database needs to be used, the credentials can be adjusted here. Only Postgres databases are supported for this.

Redis

The information that is being used to connect to the Redis instance is saved in the following environment variables:

CORE_CELERY_BROKER_URL=redis://<redis-host>:6379/0
CORE_CELERY_RESULT_BACKEND=redis://<redis-host>:6379/0
CORE_REDIS_HOST=redis
CORE_REDIS_PORT=6379

Additional environment variables

Important other variables are CORE_SECRET_KEY, which is used as an encryption key. This key can be generated using the following command using python:

# If cryptography is not installed, install it with `pip install cryptography`.
python -c "from cryptography.fernet import Fernet; print(Fernet.generate_key().decode())"

If issues with the port of the application arise, the default port can be changed using the CORE_PORT variable in the .env file.

CORE_PORT=8000

Backend

Database

Just as the Core API, the backend will need to connect to the Postgres database. This database is used for storing application data. By default, this will connect

BACKEND_DB_HOST=<host>
BACKEND_DB_NAME=<database-name>
BACKEND_DB_USER=<datbase-user>
BACKEND_DB_PASSWORD=<database-password>
BACKEND_DB_PORT=<database-port>

Redis

For the Redis instance used for the backend, we can set the following variables. The Redis instance is included in the docker-compose file, but if a separate Redis instance is used, the credentials need to be set in the .env file.

BACKEND_REDIS_HOST=redis # Redis hostname to connect to
BACKEND_REDIS_PORT=6379 # Redis port to connect to
BACKEND_REDIS_DB_INDEX=1 # Redis database index to use

Admin user

As described earlier in the documentation, the username, email-address and password of the admin user can be adjusted. The following environment variables can be used for that:

ADMIN_USERNAME=admin
ADMIN_PASSWORD=somepassword
ADMIN_EMAIL=admin@company.com

Additional environment variables

For the backend, some additional environment variables can be set. We can change the port which is exposed for the backend if any issues arise with port mappings. To change the port, we can change the value in BACKEND_PORT:

BACKEND_PORT=8000

We then have the secret key that the backend uses for encryption purposes. We can set this key to any value, as long as it is a rather long string. Example:

BACKEND_SECRET_KEY="66n6ldql(b2g0jmop(gr)@x0tz!*^7(d1_$2#y&$t&3r$=cr%#"

Frontend

The frontend is responsible for the user interface. The frontend will need to connect to the Backend for this. The most important variable that is left for the frontend is the following:

FRONTEND_PORT=3000

This variable sets the port for the frontend, which will need to be exposed for the user to be able to access the application.