Automatic Integration between Keycloak, Nextcloud, Grafana and other services.

Lorenzo La Corte with Simone Aquilini and Luca Ferrari
How to integrate services in a docker swarm, deployed with Ansible.
Code

Technologies and Deployed Services

Tasks of the Project

Abstract: the Three Services

Keycloak is an open-source identity and access management solution that provides single sign-on capabilities. Making a long story short, it allows users to authenticate once and access multiple applications and services without the need to re-enter their credentials. Nextcloud is a self-hosted file synchronization and sharing platform, but in this in project is used as an example of service where to enable SSO authentication. Grafana is an open-source data visualization and monitoring tool to create cool charts, in this case reporting the status of our services inside the swarm.

This video shows the deployed services interacting with each other.

Abstract: the Infrastructure

The infrastructure was based on: - Using Ansible, - To deploy a docker Swarm, - Involving 2 Machines, - Deploying 10 services in 17 Containers.

Deploying 10 services on a docker swarm can be tough, but writing ansible code to make them run and integrate automatically is definitely a pain in the ass. Our task was basically to build all the infrastructure with one single command. In order to do that ansible has to handle: - files being copied and filled with secrets coming from the vault, - setting up the docker swarm and its manager and worker(s), - preparing and launching the docker-compose which deploy all the services. And obviously the docker-compose has to configure all the services. And obviously, the complexity of the project increased exponentially, rather than linearly, with each additional service that needed to be integrated.

Take-Away Lessons

These are the top things I will never forget because I spent soooo much time doing them:

  • how to script entrypoints to integrate different containers, also if they are on different machines,
  • how a container starts and lives, why it usually crashes and where to find this information,
  • how to handle secrets and how to use git in the proper way.

Furthermore:

  • what you have done in a day <<< how you have done it <<< what you have learned about it.
  • using gpt (as it is now) for these purposes (most of the times it brings you in the wrong direction),
  • your main task should be: read the documentation, read it another time, cry, read the documentation again and then maybe understand something.

Report of the Project