Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Easy and secure deployment of Glowing Bear and tranSMART

15 views

Published on

Deployment of tranSMART and all its dependencies used to be a complex task, mainly because of many dependencies, different versions and configuration options. With the new structure of the platform, dockerization of all its components and a main compose scripts it is not only faster to deploy everything, but also easier to manage the configuration, ensure security and monitor the components.

Published in: Software
  • Be the first to comment

  • Be the first to like this

Easy and secure deployment of Glowing Bear and tranSMART

  1. 1. Easy and secure deployment of Glowing Bear and tranSMART Ewelina Grudzień - Software Engineer - The Hyve
  2. 2. Agenda 1.Deployment methods overview 2.Why containers? 3.Glowing Bear and tranSMART with Docker - solution overview
  3. 3. ▶ Directly on the server ▶ dependency conflicts ▶ Virtual machines ▶ high isolation, security ▶ deployment automation ▶ require more resources, each VM runs in its own OS ▶ long startup time ▶ Container deployment 3 Deployment methods overview
  4. 4. 4 ▶ consistent environment, ▶ isolation ▶ lightweight ▶ fast to launch ▶ scalable Why containers?
  5. 5. ▶ fast deployment - development and production ▶ ensuring security ▶ standardization ▶ simplification of the configuration ▶ easy database population and updates ▶ solving dependency issues 5 Our main deployment goals
  6. 6. 6 Data warehouse components
  7. 7. 7 Data warehouse components
  8. 8. 8 Dockerized components
  9. 9. ▶ tranSMART – Liquibase ( thehyve/transmart-core/transmart-schemas) ▶ create database on startup if does not exist ▶ updates - apply database schema changes ▶ Glowing Bear Backend - using Hibernate to automatically create the database from the domain model 9 Empty database population
  10. 10. ▶ single process = single container ▶ application - part of the image ▶ smallest images possible ▶ base images - alpine-based, official ▶ only necessary tools and libraries - reduced number of vulnerabilities ▶ configuration - environment variables ▶ data - external volumes 10 Following best practises
  11. 11. 11 Central public repository ▶ versioning ▶ documentation ▶ startall/stopall script ▶ configuration - “.env” file ▶ additional services: ▶ Identity provider - Keycloak + db ▶ Dockerfile for SSL proxy thehyve/glowing-bear-docker
  12. 12. 12 Central repository - thehyve/glowing-bear-docker
  13. 13. 13 Image publishing process Transmart-api-server image for tranSMART 17.x
  14. 14. 14 Extension example - transmart-packer (export)
  15. 15. 15 Extension example - Variant Store Connector
  16. 16. 16 Security - docker networks
  17. 17. 17 Security - proxy
  18. 18. 18 Security - SSL proxy
  19. 19. 19 Keycloak ▶ OpenID Connect security protocol support ▶ sync users from LDAP and Active Directory servers
  20. 20. 20 Multiple warehouses - one server
  21. 21. 21 Multiple warehouses - separate servers
  22. 22. ▶ stdout/stderr ▶ journald ▶ status endpoints - Health Check Actuator ○ sensu monitoring server ○ Grafana - visualization 22 Logging and monitoring
  23. 23. 23 ▶ glowing-bear-docker repository: https://github.com/thehyve/glowing-bear-docker ▶ Loading tools: transmart-copy: https://github.com/thehyve/transmart-core/tree/dev/transmart-copy ▶ TranSMART 17.2 & Glowing Bear documentation: ○ glowingbear.app ○ https://github.com/thehyve/transmart-core/docs Visit our table to learn more! Where to start?
  24. 24. Acknowledgement The development of the solution was funded by DIFUTURE consortium and Eberhard Karls University Tübingen.

×