Versions Compared

Old Version 3

changes.mady.by.user Preston Lee

Saved on

compared with

New Version 4

changes.mady.by.user Preston Lee

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

The HL7 DaVinci development team delivers automatically built images via the HSPC Docker Hub organization into a public repositories corresponding to public repository. These are built by developers according to local policy for quality and testing and simply uploaded when ready. Each Docker Hub repository has an automated web hook configured to notify HSPC container management of a GitHub repositories. Every project is built automatically by Docker Hub according to project-specific settings for branching strategy, testing etc. Upon successful builds, Docker Hub uses automated web hooks to notify HSPC's production container management of the new build becoming available, in turn triggering automated update of HSPCs cloud environment.

Continuous Deployment Stages

  1. Developer tests code and local images on local machine(s) according to DaVinci policies and procedures.
  2. Developer checks in and pushes code to corresponding branch of a DaVinci GitHub repository. (e.g. `git push`)
  3. Developer merges commits into master branch.the deployment branch, if necessary. (Most projects are just committing directly to master.)
  4. GitHub automatically notifies HSPC Docker Hub to trigger automated build process.
  5. HSPC Upon successful build and regression testing result, Docker Hub notifies HSPC container management system to pull updated image and roll out to a swarm.

...

Auto-rollout of updates begins with container management instructing the sandbox server to download the appropriate image. Once downloaded, existing containers are killed at a 15s delay while updated containers are starting up. As services are configured in a swarm, there are generally no less than 2 containers and there may be more than one container running at any given time. During the short (usually <1m) rollout periodperiods, both old and new instances will be responding to requests if the cardinality is greater than 1

SSL/TLS

Per the HSP Marketplace specification, all certificate management and SSL crypto is handled outside the image/container. HSPC's internal reverse proxy handles all cryptography and certificate management. Individual services are forwarded appropriate HTTP headers by the reverse proxy such that the base URL of the request in easily detectable by the application. Other than that, applications do not need to worry about SSL/TLS.