Skip to main content

Overview

Using the CLI, you can deploy docker-compose resources directly to Control Plane.

Prerequisites

Deploy project

Refer to the stack deploy command for details and examples on how to deploy from a docker-compose project.

Delete project

Refer to the stack rm command for details and examples on how to delete resources generated by a docker-compose project.

Generate Control Plane Spec

You can generate a Control Plane spec without deploying the resources. Refer to the stack manifest command for details and examples on how to generate a Control Plane spec from a docker-compose project.

Override Workload Spec with x-cpln

The CLI looks for an x-cpln block on each compose service. The keys inside this block are merged over the inferred Control Plane workload spec before deployment or when you run cpln stack manifest, letting you control fields that are not expressible in plain docker-compose (for example firewall rules, identities, retry policies, or autoscaling). 
version: '3.9'

services:
  api:
    image: ghcr.io/example/api:1.2.3
    container_name: api-prod
    ports:
      - '8080:8080'

    x-cpln:
      type: serverless
      containers:
        - name: api
          image: ghcr.io/example/api:1.2.3
          cpu: 250m
          memory: 256Mi
          command: '/bin/api'
          args:
            - '--config=/etc/api/config.yaml'
          ports:
            - number: 8080
              protocol: tcp
      identityLink: /org/acme/gvc/prod/identity/api
      defaultOptions:
        capacityAI: false
        autoscaling:
          minScale: 0
          maxScale: 3
          metric: concurrency
          target: 50
      firewallConfig:
        external:
          inboundAllowCIDR:
            - 34.120.0.0/16
          outboundAllowCIDR:
            - 0.0.0.0/0
        internal:
          inboundAllowType: workloads
          inboundAllowWorkload:
            - /org/acme/workload/web
      loadBalancer:
        direct:
          enabled: false
      requestRetryPolicy:
        attempts: 3
        retryOn:
          - 429
Running cpln stack manifest with the compose file above produces a workload spec that includes the overrides: 
kind: workload
name: api
spec:
  type: serverless
  containers:
    - name: api
      image: ghcr.io/example/api:1.2.3
      cpu: 250m
      memory: 256Mi
      command: /bin/api
      args:
        - --config=/etc/api/config.yaml
      ports:
        - number: 8080
          protocol: tcp
  identityLink: /org/acme/gvc/prod/identity/api
  defaultOptions:
    capacityAI: false
    autoscaling:
      minScale: 0
      maxScale: 3
      metric: concurrency
      target: 50
  firewallConfig:
    external:
      inboundAllowCIDR:
        - 34.120.0.0/16
      outboundAllowCIDR:
        - 0.0.0.0/0
    internal:
      inboundAllowType: workloads
      inboundAllowWorkload:
        - /org/acme/workload/web
  loadBalancer:
    direct:
      enabled: true
  requestRetryPolicy:
    attempts: 3
    retryOn:
      - 429

Requirements

  • Service-to-service connections must use the CPLN local syntax for host name.
    • Workload name would be the service name in this case.
    • E.g., if service1 connects to service2 to using http://service2:8080, this must be replaced with http://service2.{GVC}.cpln.local:8080
  • Docker Compose file must specify all ports to be exposed, even just internally exposed ports.

Translation Notes

  • Compose services become single container workloads
  • Compose networks are used to configure the internal firewall of the workload
  • Compose volumes are converted to volumesets, with 10gb storage
  • Compose secrets, configs, and file bind mounts are converted to secrets. Necessary policies and identities will be created.
  • All external outbound requests are enabled by default, unless network_mode is set to none
  • deploy.resource.limit.cpus and deploy.resource.limit.memory will determine cpu and memory allocation respectively.
  • Default cpu and memory (if above not specified) set to 42m and 128Mi respectively
  • Include an x-cpln section on a service to override or extend the generated workload spec (for example, to set a custom firewallConfig).
  • Environment variables determined from environment field and/or env_file
  • ports and expose field maps to container ports
    • Note: We only use the container port, not host port. Other services MUST connect to the container port.
  • Capacity AI will be enabled if deploy.resources.reservations < deploy.resources.limits
  • deploy.replicas will determine replica count (min AND max)
  • healthcheck values will map to readiness probe
  • Services with a GPU device will have GPU enabled.
    • Note: cpu and memory values may have to be increased if GPU is enabled.