v2-Docker/OPERATIONS_GUIDE.md
Claude Project Manager 0d7d888502 Initial commit
2025-07-05 17:51:16 +02:00

# V2-Docker Operations Guide
## IMPORTANT NOTICE
**DO NOT USE (not needed for <100 customers):**
- ❌ Redis - the system uses direct DB connections
- ❌ RabbitMQ - the system uses synchronous processing
- ❌ Prometheus/Grafana/Alertmanager - the integrated monitoring is sufficient
- ❌ External monitoring tools - the Admin Panel has all required metrics
**USE ONLY THESE SERVICES:**
- ✅ PostgreSQL (db)
- ✅ License Server (license-server)
- ✅ Admin Panel (admin-panel)
- ✅ Nginx Proxy (nginx-proxy)
## Deployment
### Prerequisites
- Docker and Docker Compose
- 4GB RAM, 20GB disk
### Initial Setup
```bash
cd v2-Docker
docker-compose up -d
```
The database initializes automatically via `init.sql`.
### Default Credentials
#### Admin Panel
- URL: https://admin-panel-undso.z5m7q9dk3ah2v1plx6ju.com/
- User 1: `rac00n` / `1248163264`
- User 2: `w@rh@mm3r` / `Warhammer123!`
#### License Server API
- URL: https://api-software-undso.z5m7q9dk3ah2v1plx6ju.com/
- API Key: Managed in the Admin Panel under "Lizenzserver Administration"
- Header: `X-API-Key: <api-key>`
### Service Configuration
#### License Server
```yaml
license-server:
  build: ./v2_lizenzserver
  container_name: license-server
  environment:
    - DATABASE_URL=postgresql://adminuser:supergeheimespasswort@db:5432/meinedatenbank
    - JWT_SECRET=your-secret-jwt-key-here-minimum-32-chars
    # DO NOT USE:
    # - REDIS_HOST=redis # NOT NEEDED
    # - RABBITMQ_HOST=rabbitmq # NOT NEEDED
  expose:
    - "8443"
  networks:
    - backend
  depends_on:
    - db # Only PostgreSQL is required
```
#### Admin Panel
```yaml
admin-panel:
  build: ./v2_adminpanel
  container_name: admin-panel
  environment:
    - DATABASE_URL=postgresql://adminuser:supergeheimespasswort@db:5432/meinedatenbank
    - SECRET_KEY=supersecretkey
    - JWT_SECRET=your-secret-jwt-key-here-minimum-32-chars
    # DO NOT USE:
    # - REDIS_HOST=redis # NOT NEEDED
  expose:
    - "5000"
  networks:
    - backend
  depends_on:
    - db # Only PostgreSQL is required
  volumes:
    - ./backups:/app/backups
```
#### Nginx Reverse Proxy
```yaml
nginx:
  build: ./v2_nginx
  container_name: nginx-proxy
  ports:
    - "80:80"
  networks:
    - backend
  depends_on:
    - admin-panel
    - license-server
  volumes:
    - ./v2_nginx/nginx.conf:/etc/nginx/nginx.conf:ro
  # Routing:
  # / → admin-panel:5000 (Admin Panel)
  # /api → license-server:8000 (API Endpoints)
```
## Monitoring
**IMPORTANT**: External monitoring tools are NOT used! The following configurations are OUTDATED and should be IGNORED.
### Integrated Monitoring (Admin Panel)
**NOTE**: External monitoring tools (Grafana, Prometheus, etc.) are NOT used!
The Admin Panel provides all required monitoring functions:
1. **Dashboard** (home page)
   - Active licenses
   - Active sessions
   - Heartbeat statistics
   - System metrics
2. **Log page**
   - Complete audit log of all actions
   - Filterable by user, action, entity
   - Export to Excel/CSV
3. **License overview**
   - Active/inactive licenses
   - Real-time session status
   - Latest heartbeats
4. **Metrics endpoint**
   - `/metrics` on the License Server for basic monitoring
   - Shows current requests, errors, etc.
## Features Overview
### Lead Management System
- **UPDATE 22.06.2025**: Now reachable directly via the navbar entry "Lead Management"
- Lead Management Dashboard at `/leads/management`
- Shared contact database between rac00n and w@rh@mm3r
- Features:
  - Dashboard with statistics and activity feed
  - Institution management
  - Contact persons with multiple phones/emails
  - Versioned notes system
  - Full audit trail
  - User attribution (who added what)
### Resource Pool Management
- Domain allocation system
- IPv4 address management
- Phone number allocation
- Features:
  - Resource assignment to licenses
  - Quarantine management
  - Resource history tracking
  - Availability monitoring
### Batch Operations
- Bulk license creation
- Mass updates
- Accessible from Customers & Licenses page
### Monitoring Integration
- Unified monitoring dashboard at `/monitoring`
- Live analytics and metrics
- Alert management interface
- Integrated with Prometheus/Grafana stack
### API Key Management
- Single system-wide API key
- Managed in "Lizenzserver Administration"
- Used for all API authentication
### Session Management
- Single-session enforcement per license
- 30-second heartbeat system
- Automatic session cleanup after 60 seconds
- Session history tracking
## Maintenance
### Database Maintenance
#### Partition Management
```sql
-- Check existing partitions
SELECT tablename FROM pg_tables
WHERE tablename LIKE 'license_heartbeats_%'
ORDER BY tablename;
-- Create future partitions manually
CALL create_monthly_partitions('license_heartbeats', 3);
-- Drop old partitions
DROP TABLE IF EXISTS license_heartbeats_2024_01;
```
#### Backup Procedures
```bash
# Backup
docker exec db pg_dump -U adminuser meinedatenbank | gzip > backup_$(date +%Y%m%d).sql.gz
# Restore
gunzip -c backup_20250619.sql.gz | docker exec -i db psql -U adminuser meinedatenbank
```
##### Integrated Backup System
The Admin Panel provides a built-in backup system:
1. Log in to the Admin Panel
2. Navigate to "Backups"
3. Click "Create Backup"
4. Backups are stored encrypted in the `/backups` directory
5. Download or restore directly via the UI
### Log Management
#### Log Locations
##### Logs
- Container logs: `docker logs <container_name>`
- Nginx logs: `./v2_nginx/logs/`
- Audit logs: Database table `audit_log`
#### Log Rotation
```conf
# Configure logrotate
/var/log/license-server/*.log {
    daily
    rotate 7
    compress
    delaycompress
    notifempty
    create 0640 www-data www-data
}
```
### Performance Optimization
#### Database Tuning
- Run `ANALYZE` periodically
- `VACUUM ANALYZE` on large tables
- Maintain partitions: `CALL create_monthly_partitions('license_heartbeats', 3)`
#### Resource Limits
All services have configured resource limits:
```yaml
# License Server
license-server:
  deploy:
    resources:
      limits:
        cpus: '1.0'
        memory: 1G
      reservations:
        cpus: '0.5'
        memory: 512M
# Admin Panel
admin-panel:
  deploy:
    resources:
      limits:
        cpus: '1.0'
        memory: 1G
      reservations:
        cpus: '0.5'
        memory: 512M
# PostgreSQL
db:
  deploy:
    resources:
      limits:
        cpus: '2.0'
        memory: 2G
      reservations:
        cpus: '1.0'
        memory: 1G
```
## Troubleshooting
### Common Issues
#### License Server Not Responding
- Check status: `docker ps | grep license`
- View logs: `docker logs license-server --tail 100`
- Test health: `docker exec nginx-proxy curl http://license-server:8443/health`
#### Database Connection Issues
- Check status: `docker exec db pg_isready`
- Test connection: Use psql from admin panel container
- Check logs: `docker logs db --tail 50`
#### High Memory Usage
1. Check container stats: `docker stats`
2. Review memory limits in docker-compose.yml
3. Analyze database queries for optimization
4. Consider scaling horizontally
### Health Checks
Quick health check script:
```bash
# All services
docker ps --format "table {{.Names}}\t{{.Status}}"
# Key endpoints
curl -s https://api-software-undso.z5m7q9dk3ah2v1plx6ju.com/health
curl -s http://localhost:9090/-/healthy
```
## Security Considerations
- Strong JWT_SECRET (32+ chars)
- Rotate API keys regularly
- Rate limiting enabled
- Use HTTPS in production
- Strong database passwords
- Keep Docker and images updated
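
One way to check the secret-related points above before a deployment, as an added example that is not part of the project's own tooling: the script scans a compose file for `JWT_SECRET`, `SECRET_KEY` and the `DATABASE_URL` password and flags placeholder or short values without echoing them. The function names, the 32-character `SECRET_KEY` minimum and the 16-character database password minimum are assumptions, and the sample input is constructed.

```bash
# Added example: flag weak or placeholder secrets in a compose file.
# The 32-character JWT_SECRET minimum comes from this guide; the SECRET_KEY
# and database password minimums (32 and 16) are assumptions.

# Placeholder values shown in this guide that must never reach production.
PLACEHOLDERS='your-secret-jwt-key-here-minimum-32-chars supersecretkey supergeheimespasswort'

# check_secret LABEL VALUE MINLEN: prints a finding and returns 1 if weak.
# The secret itself is never echoed.
check_secret() {
  for p in $PLACEHOLDERS; do
    if [ "$2" = "$p" ]; then
      echo "WEAK $1: documentation placeholder"; return 1
    fi
  done
  if [ "${#2}" -lt "$3" ]; then
    echo "WEAK $1: shorter than $3 characters"; return 1
  fi
  return 0
}

# audit_compose_secrets FILE: one line per finding, exit status 1 if any.
# Handles unquoted list entries ("- KEY=value"); commented lines are skipped.
audit_compose_secrets() {
  status=0
  while IFS= read -r line; do
    entry=${line#"${line%%[! ]*}"}        # strip leading spaces
    case $entry in
      "- JWT_SECRET="*) check_secret JWT_SECRET "${entry#*=}" 32 || status=1 ;;
      "- SECRET_KEY="*) check_secret SECRET_KEY "${entry#*=}" 32 || status=1 ;;
      "- DATABASE_URL="*)
        pw=${entry#*://*:}; pw=${pw%%@*}  # user:PASSWORD@host
        check_secret "DATABASE_URL password" "$pw" 16 || status=1 ;;
    esac
  done < "$1"
  return "$status"
}

# Constructed sample input: one placeholder, one short value, one acceptable.
sample=$(mktemp)
trap 'rm -f "$sample"' EXIT
cat > "$sample" <<'EOF'
    environment:
      - DATABASE_URL=postgresql://adminuser:supergeheimespasswort@db:5432/meinedatenbank
      - SECRET_KEY=changeme
      - JWT_SECRET=constructed-sample-value-0123456789abcdef
      # - JWT_SECRET=short
EOF
audit_compose_secrets "$sample" || echo "fix the findings above before deploying"
```

The non-zero exit status makes the function usable as a gate in front of `docker-compose up -d`.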
## Scaling Strategies
### Horizontal Scaling
#### Scaling License Server
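```bash
# Scale license server instances
# A service with a fixed container_name cannot be scaled beyond one container;
# remove container_name from the license-server service first
docker-compose -f v2/docker-compose.yaml up -d --scale license-server=3
```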
#### Nginx Load Balancing Configuration
```nginx
# In nginx.conf
upstream license_servers {
    least_conn;
    # Passive health checks: max_fails/fail_timeout take a failing instance out of rotation
    server license-server_1:8443 max_fails=3 fail_timeout=30s;
    server license-server_2:8443 max_fails=3 fail_timeout=30s;
    server license-server_3:8443 max_fails=3 fail_timeout=30s;
    # Keep idle upstream connections open for reuse
    keepalive 32;
}
server {
    server_name api-software-undso.z5m7q9dk3ah2v1plx6ju.com;
    location / {
        proxy_pass http://license_servers;
        proxy_http_version 1.1;
        proxy_set_header Connection "";
    }
}
```
#### Scaling Considerations (for >100 customers)
**NOTE**: No scaling is necessary for <100 customers!
- Direct DB access is sufficient (no Redis needed)
- Synchronous processing is fast enough (no RabbitMQ needed)
- A single instance is entirely sufficient
### Database Scaling
- Read replicas for reporting
- Connection pooling
- Query optimization
- Partitioning for large tables
## Disaster Recovery
- Daily automated backups via Admin Panel
- Test restore procedures regularly
- Consider database replication for HA
## Monitoring Best Practices
- Configure alerts in Alertmanager
- Review Grafana dashboards regularly
- Monitor resource trends for capacity planning