INFOnline Measurement: Service platform self-hosting¶
Prerequisites and system requirements¶
The following requirements must be met in order to operate the service platform in your infrastructure:
- Linux (Unix) based infrastructure
- appropriate permissions on the systems
- appropriate environment to run container (e.g. Docker) images
- Proxy for SSL offloading1.
- CORS configuration via SSL offloader2 or via service platform3
1 An SSL offloader is a software which takes care of the SSL/TLS connections. This needs a certificate issued to match the domain. The service platform needs an SSL offloader because it cannot manage SSL/TLS connections. Well known software in this area are e.g. nginx or Apache HTTP Server.
2 In order to ensure the error-free function of the census measurement, CORS must be configured correctly. This can be done accordingly in the SSL offloader used.
3 CORS can be configured in the service platform, see configuration container.
We recommend the following minimum system requirements for a PI volume of up to 2,000 PI per minute:
- CPU: 4core
- RAM: 16GB
- HDD: 80GB
If there are peak times on your site with more than 2,000 PI per minute, please dimension the system accordingly larger.
Deployment of the service platform¶
In order to run the service platform in your infrastructure, we will provide you with the following after the order is placed:
- Container image for the service platform
- AccessToken for the operation of the service platform
We provide you with the container image after registration via quay.io Repo.
You will receive the access data for the repo with your order confirmation - we will provide you with the AccessToken
after setup of your self-hosted service platform in our system with another setup email.
Setup of the service platform in the INFOnline system¶
To ensure tamper-free measurement via INFOnline Measurement, the digital sites and the associated service platforms are managed centrally at INFOnline. The service platform receives the required information from the central INFOnline system via corresponding configurations. An AccessToken
is required for communication between the INFOnline system and the self-hosted service platform. You can obtain this from our Customer Service team upon request. In return, please send us the corresponding host entry under which the self-hosted service platform will be accessible.
Operation of the service platform¶
- installation
- Create an environment file with the parameters to start the container.
relay_key=<relay-client-name>
`token=<AccessToken>
1 - Repo login:
`docker login --username quay.io
2 - Pulling the container:
`docker pull quay.io/infonline/relay-client:[VERSION]
3
- start
- Starts a container listening on port 8101:
docker run --name relay-client --env-file [PATH_TO_ENVIRONMENT_FILE] --publish 127.0.0.1:8101:53119/tcp -d quay.io/infonline/relay-client:[VERSION]
1 Get service-platform provisioning with the service-platform setup in the INFOnline system.
2 You will receive the username
with the setup confirmation.
3 You will receive the current version
with your setup email. If there are any changes, you will receive a separate mail.
Configuration Container¶
The following parameters can be used to configure the container:
Abbreviation | Type | Default | Length | Pattern | Mandatory | Description |
---|---|---|---|---|---|---|
TOKEN | String | - | 20 | ^[a-zA-Z0-9_]*$ | yes | Token for authentication at IO |
RELAY_KEY | String | - | ^[a-zA-Z0-9_]*$ | yes | The host name of the service platform that you submitted to INFOnline during setup | |
cors | Bool | False | - | - | no | Specifies whether the CORS header should be set by the relay client for https (only as of version 0.9.1) |
Recommendations for operation¶
To ensure smooth operation, we recommend that you design your infrastructure, or the operation of the service platform, dynamically.
Spooling¶
If the INFOnline system cannot be reached, the service platform temporarily stores the data in the container under /var/spool/rsyslog until the INFOnline system can be reached again. If the folder is not stored on the host system, this data can be lost during a container restart. Therefore, we recommend temporarily storing this folder on the host system using the following commands:
docker volume create io-service
docker run --name relay-client --env-file [PFAD_ZUR_ENVIRONMENT_DATEI] -v io-service:/var/spool/rsyslog --publish 127.0.0.1:8101:53119/tcp -d quay.io/infonline/relay-client:[VERSION]
Monitoring¶
The service platform provides an API for monitoring the operation of the container.
1 The container offers at the address localhost:8101/hc.io`` the possibility to retrieve a healthcheck, which checks the functioning of the PHP page and thus the chain of the software. If the check is successful, a ``200`` message is returned.
2 Within the container, several Prometheus Exporter endpoints are provided on port 53120:
localhost:53120/nginx_status, ```localhost:53120/rsyslog_status
and localhost:53120/php_status``. These addresses are only accessible within the container daemon network. If you want to reach them from the host, you must also set up a forwarding to port 53120.
docker run --name relay-client --env-file [PATH_TO_ENVIRONMENT_FILE] --publish 127.0.0.1:8101:53119/tcp --publish 127.0.0.1:53120:53120/tcp -d quay.io/infonline/relay-client:[VERSION]```
Effects in case of failures¶
The service platform is the central modul of INFOnline Measurements. If a disruption occurs in the operation of the service platform, it will have a direct impact on the measurement results. A failure and/or disturbed accessibility of the service platform leads directly to an under-measurement or to a measurement failure. The measurement calls that might have been received during the failure cannot be restored. We strongly recommend to use the possibilities of Monitoring.
Updates of the service platform¶
We will inform you about updates of the service platform at an early stage and provide you with new versions of the container images as described under Provision of the service platform.