Skip to content

Deployment process for the production service

Warning

This page is a work in progress!

dev-VM

All developers/data analysts only get access to this VM (and not the other two VMs) to build their apps here and create the docker images.

(MG/SPACe) to approve of new dev/analysts and request to get access for them via SPACe helpdesk. Make sure to state clearly that this is for the non-public facing shiny server, space-rshiny-dev.

Creating a new account

Users should submit a query to SPACe helpdesk.

To have HPC-systems security scan an app once it is ready for release

Make sure to state clearly that this is for the non-public facing shiny server, space-rshiny-dev.

Include the name of the docker image.

Make sure the docker image has been deployed on the dev-VM is in configuration file application.yml and displays correctly on localhost

(EPCC/HPC-systems) to scan both the URL and the Dev host once a new app is created. If it passes the scans as expected, EPCC do not need to be involved any further down the chain. All apps moving from the dev-VM to the test- and/or prod-VMs need to be scanned, independently of prior versions of the same app having been on the test or prod-VMs before.

test-VM

Only a managing group (assigned by SPACe and consisting of SPACe staff, abbreviated to 'MG' in the following text) has access.

(MG) have to approve the publication of each app from the SPACe point of view.

(MG) have to be notified by SPACe re any updates or end-of-life to existing apps and arrange for this.

(MG) port the docker images from the dev-VM to the test-VM (using the process Elena used, details to be added to documentation asap).

(MG) check everything looks and works as expected.

(MG) Add data anlalyst to the configuration file with credentials, so they can see their app deployed on the test-VM https://eidf.epcc.ed.ac.uk/space-test/login

(MG) Let data anlyst know when everything is ready to be checked.

prod-VM

Only a managing group (assigned by SPACe, see above under 2)) has access.

After (MG) check everything on the test-VM, (MG) migrate the docker image (using the process Elena used, details to be added to documentation asap) to here.

(MG) to approve of new users to get access to the URL (that's not the VM!) for all, or a subset of all apps and to add these users to the config file for shiny ('simple authentication' what we have used so far).

(MG) Server restart required for each new added app - possibly best done outwidth working hours, e.g. via cron job.

IT-whitelisting is set the same for all three VMs, but can be adjusted if needed by (EPCC/HPC-systems).

In the event of any technical problems, (MG) to contact EPCC via SPACe helpdesk.

(EPCC) To sort out unexpected or new technical issues.