BC-7101 collaboration service deployment

ansible/roles/schulcloud-server-core/templates/board-collaboration-configmap.yml.j2

@@ -0,0 +1,10 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: board-collaboration-configmap
+  namespace: {{ NAMESPACE }}
+  labels:
+    app: board-collaboration
+data:
+  NEST_LOG_LEVEL: "{{ NEST_LOG_LEVEL }}"
+  EXIT_ON_ERROR: "true"

ansible/roles/schulcloud-server-core/templates/board-collaboration-deployment.yml.j2

@@ -0,0 +1,106 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: board-collaboration-deployment
+  namespace: {{ NAMESPACE }}
+  labels:
+    app: board-collaboration
+    app.kubernetes.io/part-of: schulcloud-verbund
+    app.kubernetes.io/version: {{ SCHULCLOUD_SERVER_IMAGE_TAG }}
+    app.kubernetes.io/name: board-collaboration
+    app.kubernetes.io/component: server
+    app.kubernetes.io/managed-by: ansible
+    git.branch: {{ SCHULCLOUD_SERVER_BRANCH_NAME }}
+    git.repo: {{ SCHULCLOUD_SERVER_REPO_NAME }}
+spec:
+  replicas: {{ BOARD_COLLABORATION_SERVER_REPLICAS|default("1", true) }}
+  strategy:
+    type: RollingUpdate
+    rollingUpdate:
+      maxSurge: 1
+      #maxUnavailable: 1
+  revisionHistoryLimit: 4
+  paused: false
+  selector:
+    matchLabels:
+      app: board-collaboration
+  template:
+    metadata:
+      labels:
+        app: board-collaboration
+        app.kubernetes.io/part-of: schulcloud-verbund
+        app.kubernetes.io/version: {{ SCHULCLOUD_SERVER_IMAGE_TAG }}
+        app.kubernetes.io/name: board-collaboration
+        app.kubernetes.io/component: board-collaboration
+        app.kubernetes.io/managed-by: ansible
+        git.branch: {{ SCHULCLOUD_SERVER_BRANCH_NAME }}
+        git.repo: {{ SCHULCLOUD_SERVER_REPO_NAME }}
+    spec:
+      securityContext:
+        runAsUser: 1000
+        runAsGroup: 1000
+        fsGroup: 1000
+        runAsNonRoot: true
+      containers:
+      - name: board-collaboration
+        image: {{ SCHULCLOUD_SERVER_IMAGE }}:{{ SCHULCLOUD_SERVER_IMAGE_TAG }}
+        imagePullPolicy: IfNotPresent
+        ports:
+        - containerPort: 4450
+          name: websocket
+          protocol: TCP
+        # - containerPort: 9090
+        #  name: api-metrics
+        #  protocol: TCP
+        envFrom:
+        - configMapRef:
+            name: api-configmap
+        - configMapRef:
+            name: board-collaboration-configmap
+        - secretRef:
+            name: api-secret
+        command: ['npm', 'run', 'nest:start:board-collaboration:prod']
+        resources:
+          limits:
+            cpu: {{ BOARD_COLLABORATION_CPU_LIMITS|default("2000m", true) }}
+            memory: {{ BOARD_COLLABORATION_MEMORY_LIMITS|default("2Gi", true) }}
+          requests:
+            cpu: {{ BOARD_COLLABORATION_CPU_REQUESTS|default("100m", true) }}
+            memory: {{ BOARD_COLLABORATION_MEMORY_REQUESTS|default("150Mi", true) }}
+{% if AFFINITY_ENABLE is defined and AFFINITY_ENABLE|bool %}
+      affinity:
+        podAffinity:
+          preferredDuringSchedulingIgnoredDuringExecution:
+          - weight: 9
+            podAffinityTerm:
+              labelSelector:
+                matchExpressions:
+                - key: app.kubernetes.io/part-of
+                  operator: In
+                  values:
+                  - schulcloud-verbund
+              topologyKey: "kubernetes.io/hostname"
+              namespaceSelector: {}
+        podAntiAffinity:
+          preferredDuringSchedulingIgnoredDuringExecution:
+{% if ANIT_AFFINITY_NODEPOOL_ENABLE is defined and ANIT_AFFINITY_NODEPOOL_ENABLE|bool %}
+          - weight: 10
+            podAffinityTerm:
+              labelSelector:
+                matchExpressions:
+                - key: app.kubernetes.io/name
+                  operator: In
+                  values:
+                  - board-collaboration
+              topologyKey: {{ ANIT_AFFINITY_NODEPOOL_TOPOLOGY_KEY }}
+{% endif %}
+          - weight: 20
+            podAffinityTerm:
+              labelSelector:
+                matchExpressions:
+                - key: app.kubernetes.io/name
+                  operator: In
+                  values:
+                  - board-collaboration
+              topologyKey: "topology.kubernetes.io/zone"
+{% endif %}

ansible/roles/schulcloud-server-core/templates/board-collaboration-ingress.yml.j2

@@ -0,0 +1,43 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: board-collaboration-ingress
+  namespace: {{ NAMESPACE }}
+  annotations:
+    nginx.ingress.kubernetes.io/proxy-send-timeout: "3600"
+    nginx.ingress.kubernetes.io/proxy-read-timeout: "3600"
+    nginx.ingress.kubernetes.io/proxy-body-size: "{{ INGRESS_MAX_BODY_SIZE|default("2560") }}m"
+    nginx.org/client-max-body-size: "{{ INGRESS_MAX_BODY_SIZE|default("2560") }}m"
+    # The following properties added with BC-3606.
+    # The header size of the request is too big. For e.g. state and the permanent growing jwt.
+    # Nginx throws away the Location header, resulting in the 502 Bad Gateway.
+    nginx.ingress.kubernetes.io/client-header-buffer-size: 100k
+    nginx.ingress.kubernetes.io/http2-max-header-size: 96k
+    nginx.ingress.kubernetes.io/large-client-header-buffers: 4 100k
+    nginx.ingress.kubernetes.io/proxy-buffer-size: 96k
+    nginx.org/websocket-services: "board-collaboration-svc"
+{% if CLUSTER_ISSUER is defined %}
+    cert-manager.io/cluster-issuer: {{ CLUSTER_ISSUER }}
+{% endif %}
+
+spec:
+  ingressClassName: {{ INGRESS_CLASS }}
+{% if CLUSTER_ISSUER is defined or (TLS_ENABLED is defined and TLS_ENABLED|bool) %}
+  tls:
+  - hosts:
+      - {{ DOMAIN }}
+{% if CLUSTER_ISSUER is defined %}
+    secretName: {{ DOMAIN }}-tls
+{% endif %}
+{% endif %}
+  rules:
+  - host: {{ DOMAIN }}
+    http:
+      paths:
+      - path: /board-collaboration
+        backend:
+          service:
+            name: board-collaboration-svc
+            port:
+              number: 4450
+        pathType: Prefix

ansible/roles/schulcloud-server-core/templates/board-collaboration-service.yml.j2

@@ -0,0 +1,21 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: board-collaboration-svc
+  namespace: {{ NAMESPACE }}
+  labels:
+    app: board-collaboration
+spec:
+  type: ClusterIP
+  ports:
+    # port for WebSocket connection
+    - port: 4450
+      targetPort: 4450
+      protocol: TCP
+      name: websocket
+    #- port: {{ PORT_METRICS_SERVER }}
+    #  targetPort: 9090 # TODO
+    #  protocol: TCP
+    #  name: api-metrics
+  selector:
+    app: board-collaboration

apps/server/src/apps/board-collaboration.app.ts

@@ -30,7 +30,7 @@ async function bootstrap() {
 	await nestApp.init();
 
 	const port = 4450;
-	const basePath = '/api/v3';
+	const basePath = '/board-collaboration';
 
 	nestApp.setGlobalPrefix(basePath);
 	await nestApp.listen(port);

apps/server/src/modules/board/gateway/dto/board-collaboration-config.ts

@@ -0,0 +1,18 @@
+import { Configuration } from '@hpi-schul-cloud/commons/lib';
+
+const host = Configuration.get('HOST') as string;
+const isLocalhost = host.includes('localhost');
+const origin = isLocalhost ? 'http://localhost:4000' : host;
+
+export default class BoardCollaborationConfiguration {
+	static websocket = {
+		path: '/board-collaboration',
+		cors: {
+			origin,
+			methods: 'GET,HEAD,PUT,PATCH,POST,DELETE',
+			preflightContinue: false,
+			optionsSuccessStatus: 204,
+			credentials: true,
+		},
+	};
+}

apps/server/src/modules/board/gateway/socket.gateway.ts

@@ -12,6 +12,7 @@ import {
 	MoveCardMessageParams,
 	UpdateColumnTitleMessageParams,
 } from './dto';
+import BoardCollaborationConfiguration from './dto/board-collaboration-config';
 import { CreateColumnMessageParams } from './dto/create-column.message.param';
 import { DeleteBoardMessageParams } from './dto/delete-board.message.param';
 import { FetchBoardMessageParams } from './dto/fetch-board.message.param';
@@ -20,17 +21,7 @@ import { UpdateBoardTitleMessageParams } from './dto/update-board-title.message.
 import { UpdateBoardVisibilityMessageParams } from './dto/update-board-visibility.message.param';
 import { Socket } from './types';
 
-@WebSocketGateway({
-	path: '/collaboration',
-	cors: {
-		origin: 'http://localhost:4000',
-		methods: 'GET,HEAD,PUT,PATCH,POST,DELETE',
-		preflightContinue: false,
-		optionsSuccessStatus: 204,
-		credentials: true,
-		// transports: ['websocket'],
-	},
-})
+@WebSocketGateway(BoardCollaborationConfiguration.websocket)
 @UseGuards(WsJwtAuthGuard)
 export class SocketGateway {
 	// TODO: use loggables instead of legacy logger
@@ -232,12 +223,13 @@ export class SocketGateway {
 		}
 	}
 
-	// @SubscribeMessage('reload-board-request')
-	// handleReloadBoard(client: Socket, data: DeleteColumnMessageParams) {
-	// 	this.logger.log(`Message received from client id: ${client.id}`);
-	// 	this.logger.debug(`Payload: ${JSON.stringify(data)}`);
-	// 	client.broadcast.emit('reload-board-success', data);
-	// }
+	// TODO
+	@SubscribeMessage('reload-board-request')
+	handleReloadBoard(client: Socket, data: DeleteColumnMessageParams) {
+		this.logger.log(`Message received from client id: ${client.id}`);
+		this.logger.debug(`Payload: ${JSON.stringify(data)}`);
+		client.broadcast.emit('reload-board-success', data);
+	}
 
 	private async ensureUserInRoom(client: Socket, id: string) {
 		const rootId = await this.getRootIdForId(id);

apps/server/src/shared/testing/test-socket-api-client.ts

@@ -38,7 +38,7 @@ export async function getSocketApiClient(app: INestApplication, user: User) {
 
 	const ioClient = io(url, {
 		autoConnect: false,
-		path: '/collaboration',
+		path: '/board-collaboration',
 		transports: ['websocket', 'polling'],
 		extraHeaders: {
 			Cookie: `jwt=${jwt}`,

package.json

@@ -70,6 +70,7 @@
 		"nest:start:board-collaboration": "nest start board-collaboration",
 		"nest:start:board-collaboration:dev": "nest start board-collaboration --watch --",
 		"nest:start:board-collaboration:debug": "nest start board-collaboration --debug --watch",
+		"nest:start:board-collaboration:prod": "node dist/apps/server/apps/board-collaboration.app",
 		"nest:start:management:dev": "nest start management --watch",
 		"nest:start:management:debug": "nest start management --debug --watch",
 		"nest:start:management:prod": "node dist/apps/server/apps/management.app",
@@ -330,4 +331,4 @@
 		"tsconfig-paths": "^4.1.1",
 		"typescript": "^4.9.4"
 	}
-}
+}