Merge branch 'develop' into 'master'

Develop

See merge request verbose-equals-true/django-postgres-vue-gitlab-ecs!104

Author: briancaffey

README.md

@@ -4,200 +4,126 @@ Documentation for this project can be found here:
 
 [https://verbose-equals-true.gitlab.io/django-postgres-vue-gitlab-ecs/](https://verbose-equals-true.gitlab.io/django-postgres-vue-gitlab-ecs/)
 
-## Architecture
 
-![png](/architecture.png)
+## Project Architecture Overview
 
-## Local Development
+Here is an overview of the project architecture, including the CI/CD pipeline and the AWS infrastructure that will be automatically provisioned through the AWS Cloud Development Kit:
 
-First, copy `.env.template` to a new file in the project's root directory called `.env`. This file will be read by `docker-compose` in the next step. Adjust any of the values in this file if needed, or add new variables for any secret information you need to pass to docker-compose (or to docker containers).
+![png](/architecture.png)
 
-## Current Project Goals
+(This diagram was created with [draw.io](https://draw.io). Here's the link to the a read-only version of the diagram on draw.io: [https://drive.google.com/file/d/1gU61zjoW80fCusUcswU1zhEE5VFB1Z5U/view?usp=sharing](https://drive.google.com/file/d/1gU61zjoW80fCusUcswU1zhEE5VFB1Z5U/view?usp=sharing)
 
-Currently I am working on replacing CloudFormation with CDK for infrastructure and deployment.
+### Legend
 
-To work with CDK, do the following:
+1 - GitLab is used to host the source code, test the source code and deploy the application to AWS.
 
-- Make sure you are using at least version 10 of node: `nvm use 13`
-- Activate the virtual environment with `source awscdk/.env/bin/activate`
-- `pip install -e awscdk` to install CDK dependencies
-- run `cdk synth --app awscdk/app.py --output awscdk/cdk.out` and view the resulting JSON for the nested CloudFormation stacks in `awscdk/cdk.out`
+2 - Unit testing (see `.gitlab-ci.yml`)
 
-### Social Authentication Keys
+2a - Pytest
 
-To use social sign on in development, you will need to create an application with the given provider.
+2b - Jest
 
-#### GitHub
+2c - Cypress
 
-Go to [https://github.com/settings/applications/new](https://github.com/settings/applications/new), and add the following:
+3 - Deployment phase (see `/gitlab-ci/aws/cdk.yml`)
 
-- Application Name: A name for the development application, such as `My App Dev`
-- Homepage URL: `http://localhost`
-- Application description: (optional)
-- Authorization callback URL `http://localhost/auth/github/callback` (this route is defined in `quasar/src/router/routes.js`)
-
-In the `.env` file, add the `Client ID` of your GitHub OAuth App as the `GITHUB_KEY` variable, and add the `Client Secret` as the `GITHUB_SECRET` variable.
+3a - Quasar PWA assets are built if there are changes in the `quasar` directory
 
-```sh
-docker-compose up --build
-```
-
-Open `http://localhost` in your browser.
-
-You can specify environment variables for docker-compose by adding an `.env` file to the root of the project based on `.env.template`.
-
-## VuePress Documentation
-
-This project uses VuePress for documentation. To view the documentation site locally, run the following command:
-
-```bash
-docker-compose -f compose/docs.yml up --build
-```
+3b - AWS Cloud Development Kit (CDK) defines all infrastructure in AWS (4a - 12)
 
-This will make the docs available at `http://localhost:8082/docs/`. Hot-reloading through websockets is supported, so changes will show up as they are saved in your code editor.
+3c - AWS CLI is used to run Fargate tasks through manual GitLab CI jobs
 
-### Access Django Shell in Jupyter Notebook
+4 - CDK Assets (ECR and S3 buckets that CDK uses internally to manage build assets and artifacts)
 
-With all containers running, run the following commands:
+4a - Elastic Container Repository is used to manage the Django docker image used in various parts of the application
 
-```
-docker exec -it backend bash
-# cd notebooks/
-# ../manage.py shell_plus --notebook
-```
+4b - S3 bucket used to store files associated with CDK and CloudFormation
 
-or use this single command:
+5 - Route53 is used to route traffic to the CloudFront distribution
 
-```
-docker exec -it backend bash -c 'cd notebooks && ../manage.py shell_plus --notebook'
-```
+6 - CloudFront distribution that serves as the "front desk" of the application. It routes requests to to the correct CloudFront Origin
 
-# Running tests
+7 - CloudFront Origin Configurations
 
-This project uses Pytest, Jest and Cypress for testing. This section describes the different ways to run tests locally.
+7a - S3 bucket for Quasar PWA assets
 
-To run Pytest and Jest, you can use `docker-compose exec`, or you can shell into the container.
+7b - Application Load Balancer for Django application (`/api/`, `/admin/`, `/flower/`, `/ws/`, `/graphql/`)
 
-Using `docker-compose exec`:
+7c - S3 bucket for Django assets (static files, public media and private media)
 
-```
-docker-compose exec backend pytest
-```
+8 - Web server and websocket servers
 
-```
-docker exec -it backend bash
-root@b24c4206002e:/code# pytest
-```
+8a - Fargate service running uvicorn process (REST, GraphQL, Django Channels)
 
-To run Jest tests, you can run:
+8b - Autoscaling Group for Fargate Service that serves Django API
 
-```
-docker-compose exec frontend npm run test
-```
+9 - Celery and celery worker autoscaling
 
-## Integration tests
+9a - Fargate service that is autoscaled between 0 and `N` Fargate tasks for a given celery queue
 
-Cypress can be used in an interactive mode with a UI, or it can be used in a headless way (such as in GitLab CI).
+9b - Scheduled Event that triggers a Lambda to make a request to Django backend which collects celery queue metrics and published metrics to CloudWatch using boto3
 
-## Running Cypress Interactively
+9c - Lambda event the makes a request to `/api/celery-metrics/`
 
-To run Cypress tests interactively, install Cypress in the root of the project:
+9d - CloudWatch alarm that is used to scale the Fargate service for a celery queue
 
-```
-npm install cypress
-```
+9e - Autoscaling group for celery Fargate service
 
-Then open Cypress with:
+10 - Fargate tasks that run Django management commands such as `migrate` and `collectstatic`. These are triggered from manual GitLab CI jobs using the AWS CLI (3c)
 
-```
-$(npm bin)/cypress open --config baseUrl=http://localhost
-```
+11 - ElastiCache for Redis, used for Caching, Celery Broker, Channels Layer, etc.
 
-Click on the button "Run all specs", and the tests will start running in a new browser window with a log of Cypress actions and test statements displayed on the left side.
+12 - Aurora Postgres Serverless
 
-## Run Cypress in headless mode
-
-There are two ways to run Cypress in headless mode. You can run Cypress against the `docker-compose` file in `compose/test.yml`, or you can run the Cypress test using `gitlab-runner`.
-
-### Using `compose/test.yml`
-
-To run the test locally against the production image, run the following:
-
-```
-docker-compose -f compose/test.yml up --build
-```
-
-This will build a special environment that resembles the environment used in GitLab CI. It brings up three containers: redis, postgres and backend. The backend serves several purposes: it runs the Django webserver, it runs the ASGI server used by Django Channels, and it runs celery tasks synchronously, and it also serves the Vue application through Django templates and static files. See the Dockerfile located at `backend/scripts/prod/Dockerfile` for details on how this works.
-
-Make sure that Cypress is properly installed with:
-
-```
-$(npm bin)/cypress verify
-```
+## Local Development
 
-Then start the tests with:
+First, copy `.env.template` to a new file in the project's root directory called `.env`. This file will be read by `docker-compose` in the next step. Adjust any of the values in this file if needed, or add new variables for any secret information you need to pass to docker-compose (or to docker containers).
 
-```
-$(npm bin)/cypress run --config baseUrl=http://localhost:9000
+```sh
+docker-compose up
 ```
 
-You could also run these tests in the interactive mode using `compose/test.yml` with the following command:
+Open `http://localhost` in your browser.
 
-```
-$(npm bin)/cypress open --config baseUrl=http://localhost:9000
-```
+You can specify environment variables for docker-compose by adding an `.env` file to the root of the project based on `.env.template`.
 
-Note that this is similar to the previous command, but we are using the `open` command instead of the `run` command.
+### Social Authentication Keys
 
-### Using `gitlab-runner`
+To use social sign on in local development, you will need to create an application with the given provider such as GitHub, Google, Facebook, etc.
 
-It can be useful to debug your `.gitlab-ci.yml` jobs before pushing changes to GitLab. This gives us a faster feedback loop, and it doesn't use any of the CI minutes on your free (2000 minutes/month) or paid GitLab plans.
+#### GitHub
 
-There is a little bit of setup needed to run Cypress tests with `gitlab-runner`.
+Go to [https://github.com/settings/applications/new](https://github.com/settings/applications/new), and add the following:
 
-First, you need to install `gitlab-runner` on your machine.
+- Application Name: A name for the development application, such as `My App Dev`
+- Homepage URL: `http://localhost`
+- Application description: (optional)
+- Authorization callback URL `http://localhost/auth/github/callback` (this route is defined in `quasar/src/router/routes.js`)
 
-Next, you need to start a local registry on you r computer. Run the following command ([taken from docker documentation](https://docs.docker.com/registry/deploying/)):
+In the `.env` file, add the `Client ID` of your GitHub OAuth App as the `GITHUB_KEY` variable, and add the `Client Secret` as the `GITHUB_SECRET` variable.
 
-```
-docker run -d -p 5000:5000 --restart=always --name registry registry:2
-```
+## VuePress Documentation
 
-Next, you need to build the production image that you will use in the test. To do this, run the following command:
+This project uses VuePress for documentation. To view the documentation site locally, run the following command:
 
-```
-docker-compose -f compose/test.yml build backend
+```bash
+docker-compose -f compose/docs.yml up --build
 ```
 
-Then tag the image with the following command:
+This will make the docs available at `http://localhost:8082/docs/`. Hot-reloading through websockets is supported, so changes will show up as they are saved in your code editor.
 
-```
-docker tag compose_backend:latest localhost:5000/backend:latest
-```
+### Access Django Shell in Jupyter Notebook
 
-Then push the tagged image to the local registry:
+With all containers running, run the following commands:
 
 ```
-docker push localhost:5000/backend:latest
+docker exec -it backend bash
+# cd notebooks/
+# ../manage.py shell_plus --notebook
 ```
 
-Now that we have pushed the production image to our local registry, we can run the `e2e-local` job with `gitlab-runner`.
-
-To do this, we need to make sure that the `e2e-local` job defined in `.gitlab-ci.yml` is not commented. To do this, remove the `.` in front of the job name (change `.e2e-local` to `e2e-local`).
-
-Then, commit your changes in git. Gitlab runner requires that you commit changes before running tests. Run the GitLab CI job with the following command:
+or use this single command:
 
 ```
-gitlab-runner exec docker e2e-local
+docker exec -it backend bash -c 'cd notebooks && ../manage.py shell_plus --notebook'
 ```
-
-Before you push your changes to GitLab, make sure that you uncomment the `e2e-local` job by adding `.` in front of it (`.e2e-local`).
-
-# ToDo
-
-- Add diagram of local development
-- Put django apps in apps folder
-- Redeploy django app to check settings files
-- Add GitLab pages site for Group project
-- Add file upload examples with Django REST Framework
-- Setup password reset

architecture.png

@@ -5,6 +5,7 @@ aws-cdk.aws_applicationautoscaling==1.42.0
 aws-cdk.aws_certificatemanager==1.42.0
 aws-cdk.aws_cloudwatch==1.42.0
 aws-cdk.aws_logs==1.42.0
+aws-cdk.aws_lambda==1.42.0
 aws-cdk.aws_events==1.42.0
 aws-cdk.aws_events_targets==1.42.0
 aws-cdk.aws_secretsmanager==1.42.0

awscdk/awscdk/awscdk.egg-info/requires.txt

@@ -14,6 +14,7 @@
 from env_vars import Variables
 from static_site_bucket import StaticSiteStack
 from flower import FlowerServiceStack
+from celery_autoscaling import CeleryAutoscalingStack
 
 from backend import BackendServiceStack
 from backend_tasks import BackendTasksStack
@@ -101,5 +102,11 @@ def __init__(
             self, "CeleryDefaultServiceStack"
         )
 
+        # define other celery queues here, or combine in a single construct
+
+        self.celery_autoscaling = CeleryAutoscalingStack(
+            self, "CeleryAutoscalingStack"
+        )
+
         # migrate, collectstatic, createsuperuser
         self.backend_tasks = BackendTasksStack(self, "BackendTasksStack")

awscdk/awscdk/cdk_app_root.py

@@ -0,0 +1,40 @@
+from aws_cdk import (
+    core,
+    aws_ec2 as ec2,
+    aws_ecs as ecs,
+    aws_events as events,
+    aws_lambda,
+    aws_events_targets as events_targets,
+    aws_logs as logs,
+    aws_cloudformation as cloudformation,
+)
+
+
+class CeleryAutoscalingStack(cloudformation.NestedStack):
+    def __init__(self, scope: core.Construct, id: str, **kwargs) -> None:
+        super().__init__(
+            scope, id, **kwargs,
+        )
+
+        self.lambda_function = aws_lambda.Function(
+            self,
+            "CeleryMetricsLambdaFunction",
+            code=aws_lambda.Code.asset("awslambda"),
+            handler="publish_celery_metrics.lambda_handler",
+            runtime=aws_lambda.Runtime.PYTHON_3_7,
+            environment=scope.variables.regular_variables,
+        )
+
+        self.celery_default_cw_metric_schedule = events.Rule(
+            self,
+            "CeleryDefaultCWMetricSchedule",
+            schedule=events.Schedule.rate(core.Duration.minutes(5)),
+            targets=[
+                events_targets.LambdaFunction(handler=self.lambda_function)
+            ],
+        )
+
+        # TODO: refactor this to loop through CloudWatch metrics multiple celery queues
+        scope.celery_default_service.default_celery_queue_cw_metric.grant_put_metric_data(
+            scope.backend_service.backend_task.task_role
+        )

awscdk/awscdk/celery_autoscaling.py

@@ -85,43 +85,3 @@ def __init__(self, scope: core.Construct, id: str, **kwargs) -> None:
             ],
             adjustment_type=aas.AdjustmentType.CHANGE_IN_CAPACITY,
         )
-
-        self.celery_default_cw_monitor_task = ecs.FargateTaskDefinition(
-            self, "CeleryDefaultCWMonitoringTask"
-        )
-
-        self.celery_default_cw_monitor_task.add_container(
-            "CeleryDefaultCWMonitoringTaskContainer",
-            image=scope.image,
-            logging=ecs.LogDrivers.aws_logs(
-                stream_prefix="CeleryDefaultCWMonitoringContainerLogs",
-                log_retention=logs.RetentionDays.ONE_DAY,
-            ),
-            environment=scope.variables.regular_variables,
-            secrets=scope.variables.secret_variables,
-            command=["python3", "manage.py", "put_celery_cloudwatch_metrics"],
-        )
-
-        self.celery_default_cw_metric_schedule = events.Rule(
-            self,
-            "CeleryDefaultCWMetricSchedule",
-            schedule=events.Schedule.rate(core.Duration.minutes(5)),
-            targets=[
-                events_targets.EcsTask(
-                    cluster=scope.cluster,
-                    task_definition=self.celery_default_cw_monitor_task,
-                    subnet_selection=ec2.SubnetSelection(
-                        subnet_type=ec2.SubnetType.PUBLIC
-                    ),
-                    security_group=ec2.SecurityGroup.from_security_group_id(
-                        self,
-                        "CeleryDefaultCWMetricScheduleSG",
-                        security_group_id=scope.vpc.vpc_default_security_group,
-                    ),
-                )
-            ],
-        )
-
-        self.default_celery_queue_cw_metric.grant_put_metric_data(
-            self.celery_default_cw_monitor_task.task_role
-        )

awscdk/awscdk/celery_default.py

@@ -32,6 +32,7 @@ def __init__(
             "DEBUG": "",
             "FULL_DOMAIN_NAME": full_domain_name,
             "FULL_APP_NAME": scope.full_app_name,
+            "CELERY_METRICS_TOKEN": "my-secret-token",
             "AWS_STORAGE_BUCKET_NAME": bucket_name,
             "POSTGRES_SERVICE_HOST": postgres_host,
             "POSTGRES_PASSWORD": db_secret.secret_value_from_json(

awscdk/awscdk/env_vars.py

@@ -22,6 +22,7 @@
         "aws-cdk.aws_certificatemanager==1.42.0",
         "aws-cdk.aws_cloudwatch==1.42.0",
         "aws-cdk.aws_logs==1.42.0",
+        "aws-cdk.aws_lambda==1.42.0",
         "aws-cdk.aws_events==1.42.0",
         "aws-cdk.aws_events_targets==1.42.0",
         "aws-cdk.aws_secretsmanager==1.42.0",