This commit introduces a huge change in the build process.
What changed:
- Dockerfile.ldap was integrated into Dockerfile as a seperate
[build stage][multistage-build].
- All the build scripts were refactored according to this.
- The `docker-compose.yml` file was adjusted likewise.
- The main build script, `/build.sh`, now always builds all
targets (formerly called variants).
- The minimal requirements for Docker and docker-compose
have increased.
- The build on hub.docker.com must be adjusted.
This change should also fix#156 permanently.
[multistage-build]: https://docs.docker.com/develop/develop-images/multistage-build/
I've written and will continue to maintain a Helm chart to aid in
deploying NetBox on Kubernetes. This adds a link to the README file so
that people who may be interested in it can find it.
To optimize the application boot time the startup scripts can now be
disabled by an ENV variable. The default when the variable is not set,
is to run the startup scripts. This means that the default behaviour is
not changed from earlier releases.
Although it does not provide any additional security, it shows how to
configure Redis with a password and how to use Netbox using a password
protected redis server. Something that might be considered in a classic
production deployment. (But is mostly irrelevant in e.g. a Kubernetes /
OpenShift deployment as the isolation is usually on a network level.)
One container should ideally have one responsibility [1]. Therefore I
implemented the netbox-worker to start in it's own container. This is
possible, because netbox and the worker communicate via redis anyway.
They still use the same image underneath, just the "command" they
execute while starting different.
Or in other words: I see no reason to introduce supervisord, when we
already have docker-compose which can take care of running multiple
processes.
Also, here's another benefit: Now it's possible to view the logs of the
webhook worker independently of the other netbox logs (and vice-versa).
Other changes in this commit:
* I don't see a reason to put a password for Redis in the docker-compose
setup, so I removed it.
* Slightly changed the nginx config, so that the nginx startup command
becomes simpler and any error should be visible in the docker log.
* Some housekeeping in the `Dockerfile`.
* Added some troubleshooting advice regarding webhooks to the README.
I'd like to thank Brady (@bdlamprecht [2]) here who did the harder
work of figuring out what's even required to have webhooks working. [3]
[1]
https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#decouple-applications
[2] https://github.com/bdlamprecht
[3] https://github.com/ninech/netbox-docker/pull/90
With this the configuration is moved to /etc/netbox/config and the
default reports directory is set to /etc/netbox/reports. This enables
the user to mount reports from a config map or persistent volume in
OpenShift.