@@ -14,7 +14,7 @@ services:
1414 environment :
1515 API_SERVER_DEV_FEATURES_ENABLED : ${API_SERVER_DEV_FEATURES_ENABLED}
1616 API_SERVER_LOG_FORMAT_LOCAL_DEV_ENABLED : ${LOG_FORMAT_LOCAL_DEV_ENABLED}
17- API_SERVER_LOG_FILTER_MAPPING : ${LOG_FILTER_MAPPING}
17+ API_SERVER_LOG_FILTER_MAPPING : ${LOG_FILTER_MAPPING}
1818 API_SERVER_LOGLEVEL : ${API_SERVER_LOGLEVEL}
1919 API_SERVER_PROFILING : ${API_SERVER_PROFILING}
2020
@@ -112,7 +112,7 @@ services:
112112 SSM_REGION_NAME : ${SSM_REGION_NAME}
113113
114114 LOG_FORMAT_LOCAL_DEV_ENABLED : ${LOG_FORMAT_LOCAL_DEV_ENABLED}
115- LOG_FILTER_MAPPING : ${LOG_FILTER_MAPPING}
115+ LOG_FILTER_MAPPING : ${LOG_FILTER_MAPPING}
116116 RABBIT_HOST : ${RABBIT_HOST}
117117 RABBIT_PASSWORD : ${RABBIT_PASSWORD}
118118 RABBIT_PORT : ${RABBIT_PORT}
@@ -161,7 +161,7 @@ services:
161161 DIRECTOR_HOST : ${DIRECTOR_HOST:-director}
162162 DIRECTOR_PORT : ${DIRECTOR_PORT:-8080}
163163 LOG_FORMAT_LOCAL_DEV_ENABLED : ${LOG_FORMAT_LOCAL_DEV_ENABLED}
164- LOG_FILTER_MAPPING : ${LOG_FILTER_MAPPING}
164+ LOG_FILTER_MAPPING : ${LOG_FILTER_MAPPING}
165165 POSTGRES_DB : ${POSTGRES_DB}
166166 POSTGRES_HOST : ${POSTGRES_HOST}
167167 POSTGRES_PASSWORD : ${POSTGRES_PASSWORD}
@@ -204,7 +204,7 @@ services:
204204 CLUSTERS_KEEPER_SSM_SECRET_ACCESS_KEY : ${CLUSTERS_KEEPER_SSM_SECRET_ACCESS_KEY}
205205 CLUSTERS_KEEPER_EC2_INSTANCES_PREFIX : ${CLUSTERS_KEEPER_EC2_INSTANCES_PREFIX}
206206 LOG_FORMAT_LOCAL_DEV_ENABLED : ${LOG_FORMAT_LOCAL_DEV_ENABLED}
207- LOG_FILTER_MAPPING : ${LOG_FILTER_MAPPING}
207+ LOG_FILTER_MAPPING : ${LOG_FILTER_MAPPING}
208208 CLUSTERS_KEEPER_PRIMARY_EC2_INSTANCES : ${CLUSTERS_KEEPER_PRIMARY_EC2_INSTANCES}
209209 PRIMARY_EC2_INSTANCES_ALLOWED_TYPES : ${PRIMARY_EC2_INSTANCES_ALLOWED_TYPES}
210210 PRIMARY_EC2_INSTANCES_KEY_NAME : ${PRIMARY_EC2_INSTANCES_KEY_NAME}
@@ -330,7 +330,7 @@ services:
330330 DYNAMIC_SIDECAR_API_SAVE_RESTORE_STATE_TIMEOUT : ${DYNAMIC_SIDECAR_API_SAVE_RESTORE_STATE_TIMEOUT}
331331
332332 LOG_FORMAT_LOCAL_DEV_ENABLED : ${LOG_FORMAT_LOCAL_DEV_ENABLED}
333- LOG_FILTER_MAPPING : ${LOG_FILTER_MAPPING}
333+ LOG_FILTER_MAPPING : ${LOG_FILTER_MAPPING}
334334 DIRECTOR_V2_LOGLEVEL : ${DIRECTOR_V2_LOGLEVEL}
335335 MONITORING_ENABLED : ${MONITORING_ENABLED}
336336
@@ -411,7 +411,7 @@ services:
411411 - default
412412 environment :
413413 LOG_FORMAT_LOCAL_DEV_ENABLED : ${LOG_FORMAT_LOCAL_DEV_ENABLED}
414- LOG_FILTER_MAPPING : ${LOG_FILTER_MAPPING}
414+ LOG_FILTER_MAPPING : ${LOG_FILTER_MAPPING}
415415 RABBIT_HOST : ${RABBIT_HOST}
416416 RABBIT_PASSWORD : ${RABBIT_PASSWORD}
417417 RABBIT_PORT : ${RABBIT_PORT}
@@ -455,7 +455,7 @@ services:
455455 INVITATIONS_SWAGGER_API_DOC_ENABLED : ${INVITATIONS_SWAGGER_API_DOC_ENABLED}
456456 INVITATIONS_USERNAME : ${INVITATIONS_USERNAME}
457457 LOG_FORMAT_LOCAL_DEV_ENABLED : ${LOG_FORMAT_LOCAL_DEV_ENABLED}
458- LOG_FILTER_MAPPING : ${LOG_FILTER_MAPPING}
458+ LOG_FILTER_MAPPING : ${LOG_FILTER_MAPPING}
459459 INVITATIONS_TRACING : ${INVITATIONS_TRACING}
460460 TRACING_OPENTELEMETRY_COLLECTOR_ENDPOINT : ${TRACING_OPENTELEMETRY_COLLECTOR_ENDPOINT}
461461 TRACING_OPENTELEMETRY_COLLECTOR_PORT : ${TRACING_OPENTELEMETRY_COLLECTOR_PORT}
@@ -467,7 +467,7 @@ services:
467467 - default
468468 environment :
469469 LOG_FORMAT_LOCAL_DEV_ENABLED : ${LOG_FORMAT_LOCAL_DEV_ENABLED}
470- LOG_FILTER_MAPPING : ${LOG_FILTER_MAPPING}
470+ LOG_FILTER_MAPPING : ${LOG_FILTER_MAPPING}
471471 PAYMENTS_ACCESS_TOKEN_EXPIRE_MINUTES : ${PAYMENTS_ACCESS_TOKEN_EXPIRE_MINUTES}
472472 PAYMENTS_ACCESS_TOKEN_SECRET_KEY : ${PAYMENTS_ACCESS_TOKEN_SECRET_KEY}
473473 PAYMENTS_AUTORECHARGE_DEFAULT_MONTHLY_LIMIT : ${PAYMENTS_AUTORECHARGE_DEFAULT_MONTHLY_LIMIT}
@@ -513,7 +513,7 @@ services:
513513 - default
514514 environment :
515515 LOG_FORMAT_LOCAL_DEV_ENABLED : ${LOG_FORMAT_LOCAL_DEV_ENABLED}
516- LOG_FILTER_MAPPING : ${LOG_FILTER_MAPPING}
516+ LOG_FILTER_MAPPING : ${LOG_FILTER_MAPPING}
517517 POSTGRES_DB : ${POSTGRES_DB}
518518 POSTGRES_ENDPOINT : ${POSTGRES_ENDPOINT}
519519 POSTGRES_HOST : ${POSTGRES_HOST}
@@ -570,7 +570,7 @@ services:
570570 DYNAMIC_SCHEDULER_USE_INTERNAL_SCHEDULER : ${DYNAMIC_SCHEDULER_USE_INTERNAL_SCHEDULER}
571571 DYNAMIC_SIDECAR_API_SAVE_RESTORE_STATE_TIMEOUT : ${DYNAMIC_SIDECAR_API_SAVE_RESTORE_STATE_TIMEOUT}
572572
573- LOG_FILTER_MAPPING : ${LOG_FILTER_MAPPING}
573+ LOG_FILTER_MAPPING : ${LOG_FILTER_MAPPING}
574574 LOG_FORMAT_LOCAL_DEV_ENABLED : ${LOG_FORMAT_LOCAL_DEV_ENABLED}
575575
576576 POSTGRES_DB : ${POSTGRES_DB}
@@ -598,7 +598,7 @@ services:
598598 init : true
599599 environment :
600600 DOCKER_API_PROXY_PASSWORD : ${DOCKER_API_PROXY_PASSWORD}
601- DOCKER_API_PROXY_USER : ${DOCKER_API_PROXY_USER}
601+ DOCKER_API_PROXY_USER : ${DOCKER_API_PROXY_USER}
602602 deploy :
603603 placement :
604604 constraints :
@@ -607,7 +607,7 @@ services:
607607 volumes :
608608 - /var/run/docker.sock:/var/run/docker.sock
609609 networks :
610- - docker-api-network
610+ - docker-api-network
611611
612612 static-webserver :
613613 image : ${DOCKER_REGISTRY:-itisfoundation}/static-webserver:${DOCKER_IMAGE_TAG:-latest}
@@ -676,7 +676,7 @@ services:
676676 WEBSERVER_PROFILING : ${WEBSERVER_PROFILING}
677677
678678 WEBSERVER_LOG_FORMAT_LOCAL_DEV_ENABLED : ${LOG_FORMAT_LOCAL_DEV_ENABLED}
679- WEBSERVER_LOG_FILTER_MAPPING : ${LOG_FILTER_MAPPING}
679+ WEBSERVER_LOG_FILTER_MAPPING : ${LOG_FILTER_MAPPING}
680680
681681 # WEBSERVER_SERVER_HOST
682682
@@ -741,14 +741,13 @@ services:
741741 INVITATIONS_USERNAME : ${INVITATIONS_USERNAME}
742742
743743 WEBSERVER_LICENSES : ${WEBSERVER_LICENSES}
744- LICENSES_ITIS_VIP_SYNCER_ENABLED : ${LICENSES_ITIS_VIP_SYNCER_ENABLED}
744+ LICENSES_ITIS_VIP_SYNCER_ENABLED : ${LICENSES_ITIS_VIP_SYNCER_ENABLED}
745745 LICENSES_ITIS_VIP_SYNCER_PERIODICITY : ${LICENSES_ITIS_VIP_SYNCER_PERIODICITY}
746746 LICENSES_ITIS_VIP_API_URL : ${LICENSES_ITIS_VIP_API_URL}
747747 LICENSES_ITIS_VIP_CATEGORIES : ${LICENSES_ITIS_VIP_CATEGORIES}
748748 LICENSES_SPEAG_PHANTOMS_API_URL : ${LICENSES_SPEAG_PHANTOMS_API_URL}
749749 LICENSES_SPEAG_PHANTOMS_CATEGORIES : ${LICENSES_SPEAG_PHANTOMS_CATEGORIES}
750750
751-
752751 WEBSERVER_LOGIN : ${WEBSERVER_LOGIN}
753752 LOGIN_ACCOUNT_DELETION_RETENTION_DAYS : ${LOGIN_ACCOUNT_DELETION_RETENTION_DAYS}
754753 LOGIN_REGISTRATION_CONFIRMATION_REQUIRED : ${LOGIN_REGISTRATION_CONFIRMATION_REQUIRED}
@@ -826,7 +825,6 @@ services:
826825 PROJECTS_MAX_COPY_SIZE_BYTES : ${PROJECTS_MAX_COPY_SIZE_BYTES}
827826 PROJECTS_MAX_NUM_RUNNING_DYNAMIC_NODES : ${PROJECTS_MAX_NUM_RUNNING_DYNAMIC_NODES}
828827
829-
830828 # WEBSERVER_RABBITMQ
831829 RABBIT_HOST : ${RABBIT_HOST}
832830 RABBIT_PASSWORD : ${RABBIT_PASSWORD}
@@ -837,7 +835,6 @@ services:
837835 # WEBSERVER_TRASH
838836 TRASH_RETENTION_DAYS : ${TRASH_RETENTION_DAYS}
839837
840-
841838 # ARBITRARY ENV VARS
842839
843840 # see [https://docs.gunicorn.org/en/stable/settings.html#timeout],
@@ -857,6 +854,9 @@ services:
857854 WEBSERVER_FOLDERS : ${WEBSERVER_FOLDERS}
858855
859856 deploy :
857+ # NOTE: having 2 replicas is necessary to detect early on if in-process tasks are mistakenly added to the webserver
858+ # in case this cannot be done otherwise, the sticky rule below will need to be adapted
859+ replicas : 2
860860 labels :
861861 - io.simcore.zone=${TRAEFIK_SIMCORE_ZONE}
862862 # gzip compression
@@ -868,18 +868,33 @@ services:
868868 - traefik.http.services.${SWARM_STACK_NAME}_webserver.loadbalancer.healthcheck.path=/v0/
869869 - traefik.http.services.${SWARM_STACK_NAME}_webserver.loadbalancer.healthcheck.interval=2000ms
870870 - traefik.http.services.${SWARM_STACK_NAME}_webserver.loadbalancer.healthcheck.timeout=1000ms
871- # NOTE: stickyness must remain until the long running tasks in the webserver are removed
872- # and also https://github.com/ITISFoundation/osparc-simcore/pull/4180 is resolved.
873- - traefik.http.services.${SWARM_STACK_NAME}_webserver.loadbalancer.sticky.cookie=true
874- - traefik.http.services.${SWARM_STACK_NAME}_webserver.loadbalancer.sticky.cookie.samesite=lax
875- - traefik.http.services.${SWARM_STACK_NAME}_webserver.loadbalancer.sticky.cookie.httponly=true
876- - traefik.http.services.${SWARM_STACK_NAME}_webserver.loadbalancer.sticky.cookie.secure=true
871+ # NOTE: stickyness must remain only for specific endpoints, see https://github.com/ITISFoundation/osparc-simcore/pull/4180
877872 - traefik.http.middlewares.${SWARM_STACK_NAME}_webserver_retry.retry.attempts=2
878873 - traefik.http.routers.${SWARM_STACK_NAME}_webserver.service=${SWARM_STACK_NAME}_webserver
879874 - traefik.http.routers.${SWARM_STACK_NAME}_webserver.rule=(Path(`/`) || Path(`/v0`) || Path(`/socket.io/`) || Path(`/static-frontend-data.json`) || PathRegexp(`^/study/(?P<study_uuid>\b[0-9a-f]{8}\b-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-\b[0-9a-f]{12}\b)`) || Path(`/view`) || Path(`/#/view`) || Path(`/#/error`) || PathPrefix(`/v0/`))
880875 - traefik.http.routers.${SWARM_STACK_NAME}_webserver.entrypoints=http
881876 - traefik.http.routers.${SWARM_STACK_NAME}_webserver.priority=6
882877 - traefik.http.routers.${SWARM_STACK_NAME}_webserver.middlewares=${SWARM_STACK_NAME}_gzip@swarm, ${SWARM_STACK_NAME_NO_HYPHEN}_sslheader@swarm, ${SWARM_STACK_NAME}_webserver_retry
878+ # Create a dedicated sticky service for specific endpoints
879+ - traefik.http.services.${SWARM_STACK_NAME}_webserver_sticky.loadbalancer.server.port=8080
880+ - traefik.http.services.${SWARM_STACK_NAME}_webserver_sticky.loadbalancer.healthcheck.path=/v0/
881+ - traefik.http.services.${SWARM_STACK_NAME}_webserver_sticky.loadbalancer.healthcheck.interval=2000ms
882+ - traefik.http.services.${SWARM_STACK_NAME}_webserver_sticky.loadbalancer.healthcheck.timeout=1000ms
883+ - traefik.http.services.${SWARM_STACK_NAME}_webserver_sticky.loadbalancer.sticky.cookie=true
884+ - traefik.http.services.${SWARM_STACK_NAME}_webserver_sticky.loadbalancer.sticky.cookie.secure=true
885+ - traefik.http.services.${SWARM_STACK_NAME}_webserver_sticky.loadbalancer.sticky.cookie.httpOnly=true
886+ - traefik.http.services.${SWARM_STACK_NAME}_webserver_sticky.loadbalancer.sticky.cookie.sameSite=lax
887+ # Single consolidated router for all sticky endpoints
888+ - traefik.http.routers.${SWARM_STACK_NAME}_webserver_sticky.rule=Path(`/v0/projects`) ||
889+ Path(`/v0/projects:clone`) ||
890+ PathRegexp(`^/v0/projects/[0-9a-fA-F-]+/nodes/[0-9a-fA-F-]+:stop`) ||
891+ PathRegexp(`^/v0/storage/locations/[0-9]+/paths/.+:size`) ||
892+ PathRegexp(`^/v0/storage/locations/[0-9]+/-/paths:batchDelete`) ||
893+ PathRegexp(`^/v0/storage/locations/[0-9]+/export-data`) ||
894+ PathRegexp(`^/v0/tasks-legacy/.+`)
895+ - traefik.http.routers.${SWARM_STACK_NAME}_webserver_sticky.entrypoints=http
896+ - traefik.http.routers.${SWARM_STACK_NAME}_webserver_sticky.service=${SWARM_STACK_NAME}_webserver_sticky
897+ - traefik.http.routers.${SWARM_STACK_NAME}_webserver_sticky.middlewares=${SWARM_STACK_NAME}_gzip@swarm, ${SWARM_STACK_NAME_NO_HYPHEN}_sslheader@swarm, ${SWARM_STACK_NAME}_webserver_retry
883898 networks : &webserver_networks
884899 - default
885900 - interactive_services_subnet
@@ -895,7 +910,6 @@ services:
895910 WEBSERVER_STATICWEB : " null"
896911 WEBSERVER_FUNCTIONS : ${WEBSERVER_FUNCTIONS} # needed for api-server
897912
898-
899913 networks : *webserver_networks
900914
901915 wb-db-event-listener :
@@ -927,7 +941,7 @@ services:
927941
928942 GUNICORN_CMD_ARGS : ${WEBSERVER_GUNICORN_CMD_ARGS}
929943 LOG_FORMAT_LOCAL_DEV_ENABLED : ${LOG_FORMAT_LOCAL_DEV_ENABLED}
930- LOG_FILTER_MAPPING : ${LOG_FILTER_MAPPING}
944+ LOG_FILTER_MAPPING : ${LOG_FILTER_MAPPING}
931945 SWARM_STACK_NAME : ${SWARM_STACK_NAME}
932946 SESSION_SECRET_KEY : ${WEBSERVER_SESSION_SECRET_KEY}
933947 WEBSERVER_ACTIVITY : ${WB_DB_EL_ACTIVITY}
@@ -997,7 +1011,7 @@ services:
9971011
9981012 GUNICORN_CMD_ARGS : ${WEBSERVER_GUNICORN_CMD_ARGS}
9991013
1000- LOG_FILTER_MAPPING : ${LOG_FILTER_MAPPING}
1014+ LOG_FILTER_MAPPING : ${LOG_FILTER_MAPPING}
10011015 LOG_FORMAT_LOCAL_DEV_ENABLED : ${LOG_FORMAT_LOCAL_DEV_ENABLED}
10021016
10031017 # WEBSERVER_DB
@@ -1076,7 +1090,6 @@ services:
10761090 WEBSERVER_USERS : ${WB_GC_USERS}
10771091 WEBSERVER_WALLETS : ${WB_GC_WALLETS}
10781092
1079-
10801093 networks :
10811094 - default
10821095 - interactive_services_subnet
@@ -1097,7 +1110,7 @@ services:
10971110 environment :
10981111 AGENT_LOGLEVEL : ${AGENT_LOGLEVEL}
10991112 LOG_FORMAT_LOCAL_DEV_ENABLED : ${LOG_FORMAT_LOCAL_DEV_ENABLED}
1100- LOG_FILTER_MAPPING : ${LOG_FILTER_MAPPING}
1113+ LOG_FILTER_MAPPING : ${LOG_FILTER_MAPPING}
11011114 AGENT_VOLUMES_CLEANUP_S3_ENDPOINT : ${AGENT_VOLUMES_CLEANUP_S3_ENDPOINT}
11021115 AGENT_VOLUMES_CLEANUP_S3_REGION : ${AGENT_VOLUMES_CLEANUP_S3_REGION}
11031116 AGENT_VOLUMES_CLEANUP_S3_ACCESS_KEY : ${AGENT_VOLUMES_CLEANUP_S3_ACCESS_KEY}
@@ -1121,7 +1134,7 @@ services:
11211134 hostname : " {{.Node.Hostname}}-{{.Task.Slot}}"
11221135
11231136 environment :
1124- LOG_FILTER_MAPPING : ${LOG_FILTER_MAPPING}
1137+ LOG_FILTER_MAPPING : ${LOG_FILTER_MAPPING}
11251138 LOG_FORMAT_LOCAL_DEV_ENABLED : ${LOG_FORMAT_LOCAL_DEV_ENABLED}
11261139
11271140 NOTIFICATIONS_LOGLEVEL : ${NOTIFICATIONS_LOGLEVEL}
@@ -1143,7 +1156,6 @@ services:
11431156 TRACING_OPENTELEMETRY_COLLECTOR_ENDPOINT : ${TRACING_OPENTELEMETRY_COLLECTOR_ENDPOINT}
11441157 TRACING_OPENTELEMETRY_COLLECTOR_PORT : ${TRACING_OPENTELEMETRY_COLLECTOR_PORT}
11451158
1146-
11471159 dask-sidecar :
11481160 image : ${DOCKER_REGISTRY:-itisfoundation}/dask-sidecar:${DOCKER_IMAGE_TAG:-latest}
11491161 init : true
@@ -1164,7 +1176,7 @@ services:
11641176 DASK_TLS_CERT : ${DASK_TLS_CERT}
11651177 DASK_SCHEDULER_HOST : ${DASK_SCHEDULER_HOST:-dask-scheduler}
11661178 DASK_LOG_FORMAT_LOCAL_DEV_ENABLED : ${LOG_FORMAT_LOCAL_DEV_ENABLED}
1167- DASK_LOG_FILTER_MAPPING : ${LOG_FILTER_MAPPING}
1179+ DASK_LOG_FILTER_MAPPING : ${LOG_FILTER_MAPPING}
11681180 DASK_SIDECAR_LOGLEVEL : ${DASK_SIDECAR_LOGLEVEL}
11691181 SIDECAR_COMP_SERVICES_SHARED_VOLUME_NAME : ${SWARM_STACK_NAME}_computational_shared_data
11701182 SIDECAR_COMP_SERVICES_SHARED_FOLDER : ${SIDECAR_COMP_SERVICES_SHARED_FOLDER:-/home/scu/computational_shared_data}
@@ -1196,7 +1208,7 @@ services:
11961208 networks :
11971209 - storage_subnet
11981210 environment :
1199- DATCORE_ADAPTER_LOG_FILTER_MAPPING : ${LOG_FILTER_MAPPING}
1211+ DATCORE_ADAPTER_LOG_FILTER_MAPPING : ${LOG_FILTER_MAPPING}
12001212 DATCORE_ADAPTER_LOG_FORMAT_LOCAL_DEV_ENABLED : ${LOG_FORMAT_LOCAL_DEV_ENABLED}
12011213 DATCORE_ADAPTER_TRACING : ${DATCORE_ADAPTER_TRACING}
12021214 TRACING_OPENTELEMETRY_COLLECTOR_ENDPOINT : ${TRACING_OPENTELEMETRY_COLLECTOR_ENDPOINT}
@@ -1209,7 +1221,7 @@ services:
12091221 environment : &storage_environment
12101222 DATCORE_ADAPTER_HOST : ${DATCORE_ADAPTER_HOST:-datcore-adapter}
12111223 LOG_FORMAT_LOCAL_DEV_ENABLED : ${LOG_FORMAT_LOCAL_DEV_ENABLED}
1212- LOG_FILTER_MAPPING : ${LOG_FILTER_MAPPING}
1224+ LOG_FILTER_MAPPING : ${LOG_FILTER_MAPPING}
12131225 POSTGRES_DB : ${POSTGRES_DB}
12141226 POSTGRES_ENDPOINT : ${POSTGRES_ENDPOINT}
12151227 POSTGRES_HOST : ${POSTGRES_HOST}
@@ -1358,19 +1370,7 @@ services:
13581370 # also aof (append only) is also enabled such that we get full durability at the expense
13591371 # of backup size. The backup is written into /data.
13601372 # https://redis.io/topics/persistence
1361- [
1362- " redis-server" ,
1363- " --save" ,
1364- " 60 1" ,
1365- " --loglevel" ,
1366- " verbose" ,
1367- " --databases" ,
1368- " 10" ,
1369- " --appendonly" ,
1370- " yes" ,
1371- " --requirepass" ,
1372- " ${REDIS_PASSWORD}"
1373- ]
1373+ [ "redis-server", "--save", "60 1", "--loglevel", "verbose", "--databases", "10", "--appendonly", "yes", "--requirepass", "${REDIS_PASSWORD}" ]
13741374 networks :
13751375 - default
13761376 - autoscaling_subnet
0 commit comments