TTF/laboratori-cloud
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: align root docs and lab preparation cleanup

Browse Source
This commit is contained in:
Luca Sacchi Ricciardi
2026-04-10 15:01:23 +00:00
parent 478e940b43
commit bba7a21c09
3 changed files with 26 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files
README.md
+4 -4
View File
@@ -106,7 +106,7 @@ Configura Docker Volumes e MinIO per storage S3-compatible.
- Volumes named e bind mounts - Volumes named e bind mounts
- MinIO come S3 locale - MinIO come S3 locale
- Parallelismo: Docker Volumes -> EBS, MinIO -> S3 - Parallelismo: Docker Volumes -> EBS, MinIO -> S3
- **Test:** 6/6 verifiche passate (100%) - **Test:** verifica finale disponibile nel lab (`bash tests/99-final-verification.sh`)
**Documentazione:** [Tutorial](labs/lab-04-storage/tutorial/) | [How-to](labs/lab-04-storage/how-to-guides/) | [Reference](labs/lab-04-storage/reference/) | [Explanation](labs/lab-04-storage/explanation/) **Documentazione:** [Tutorial](labs/lab-04-storage/tutorial/) | [How-to](labs/lab-04-storage/how-to-guides/) | [Reference](labs/lab-04-storage/reference/) | [Explanation](labs/lab-04-storage/explanation/)
@@ -115,7 +115,7 @@ Deploy PostgreSQL in rete privata con persistenza dati.
- Container database in rete isolata - Container database in rete isolata
- Backup e restore dei dati - Backup e restore dei dati
- Parallelismo: PostgreSQL container -> RDS, Volume -> Snapshot - Parallelismo: PostgreSQL container -> RDS, Volume -> Snapshot
- **Test:** 7/7 verifiche passate (100%) - **Test:** verifica finale disponibile nel lab (`bash tests/99-final-verification.sh`)
**Documentazione:** [Tutorial](labs/lab-05-database/tutorial/) | [How-to](labs/lab-05-database/how-to-guides/) | [Reference](labs/lab-05-database/reference/) | [Explanation](labs/lab-05-database/explanation/) **Documentazione:** [Tutorial](labs/lab-05-database/tutorial/) | [How-to](labs/lab-05-database/how-to-guides/) | [Reference](labs/lab-05-database/reference/) | [Explanation](labs/lab-05-database/explanation/)
@@ -200,14 +200,14 @@ Per pulire invece tutto l'ambiente Docker locale:
Questo corso segue principi di sicurezza rigorosi: Questo corso segue principi di sicurezza rigorosi:
1. **Minimo Privilegio**: I container non girano mai come root 1. **Minimo Privilegio**: dove previsto, il processo principale del servizio non deve girare come root
2. **Isolamento di Rete**: Le reti private non espongono porte sull'host 2. **Isolamento di Rete**: Le reti private non espongono porte sull'host
3. **Limiti di Risorse**: Ogni container ha limiti CPU e memoria configurati 3. **Limiti di Risorse**: Ogni container ha limiti CPU e memoria configurati
4. **Persistenza**: I dati sopravvivono al riavvio dei container 4. **Persistenza**: I dati sopravvivono al riavvio dei container
## Roadmap ## Roadmap
### Progresso Complessivo: 100% (6/10 Phase completate) ### Progresso Complessivo: 5 laboratori core completati
| Phase | Stato | Descrizione | | Phase | Stato | Descrizione |
|-------|------|------------| |-------|------|------------|
TROUBLESHOOTING.md
+5 -2
View File
@@ -162,9 +162,12 @@ curl http://localhost:9000/minio/health/live
docker exec lab05-db pg_isready -U lab05_user docker exec lab05-db pg_isready -U lab05_user
``` ```
**Soluzione:** Il database è in rete privata. Usa container app per connetterti: **Soluzione:** Il database è in rete privata. Usa un client PostgreSQL nella stessa rete privata:
```bash ```bash
docker exec lab05-app psql -h db -U lab05_user -d lab05_db docker run --rm --network lab05-vpc-private \
-e PGPASSWORD=lab05_password \
postgres:16-alpine \
psql -h db -U lab05_user -d lab05_db
``` ```
#### Connessione dal host fallisce #### Connessione dal host fallisce
scripts/prepare-lab.sh
+17 -5
View File
@@ -45,7 +45,7 @@ Options:
What this script targets: What this script targets:
- Containers named lab01*, lab02-*, lab03-*, lab04-*, lab05-* - Containers named lab01*, lab02-*, lab03-*, lab04-*, lab05-*
- Networks named lab02-vpc-*, lab05-vpc-*, lab-04-storage_default - Networks named lab-01-iam_default, lab-03-compute_default, lab-04-storage_default, lab02-vpc-*, lab05-vpc-*
- Volumes named lab-02-network_*, lab-03-compute_*, lab-04-storage_*, lab-05-database_* - Volumes named lab-02-network_*, lab-03-compute_*, lab-04-storage_*, lab-05-database_*
Examples: Examples:
@@ -82,7 +82,7 @@ while [ $# -gt 0 ]; do
done done
mapfile -t COURSE_CONTAINERS < <(docker ps -a --format '{{.ID}} {{.Names}}' 2>/dev/null | grep -E '^[0-9a-f]+ (lab01|lab02-|lab03-|lab04-|lab05-)' | cut -d' ' -f1) mapfile -t COURSE_CONTAINERS < <(docker ps -a --format '{{.ID}} {{.Names}}' 2>/dev/null | grep -E '^[0-9a-f]+ (lab01|lab02-|lab03-|lab04-|lab05-)' | cut -d' ' -f1)
mapfile -t COURSE_NETWORKS < <(docker network ls --format '{{.Name}}' 2>/dev/null | grep -E '^(lab02-vpc-|lab05-vpc-|lab-04-storage_default)' || true) mapfile -t COURSE_NETWORKS < <(docker network ls --format '{{.Name}}' 2>/dev/null | grep -E '^(lab02-vpc-|lab05-vpc-|lab-01-iam_default|lab-03-compute_default|lab-04-storage_default)' || true)
mapfile -t COURSE_VOLUMES < <(docker volume ls --format '{{.Name}}' 2>/dev/null | grep -E '^lab-(02-network|03-compute|04-storage|05-database)_' || true) mapfile -t COURSE_VOLUMES < <(docker volume ls --format '{{.Name}}' 2>/dev/null | grep -E '^lab-(02-network|03-compute|04-storage|05-database)_' || true)
echo "==========================================" echo "=========================================="
@@ -123,19 +123,31 @@ run_or_print() {
if [ ${#COURSE_CONTAINERS[@]} -gt 0 ]; then if [ ${#COURSE_CONTAINERS[@]} -gt 0 ]; then
print_info "Removing course containers..." print_info "Removing course containers..."
run_or_print "remove containers" docker rm -f "${COURSE_CONTAINERS[@]}" >/dev/null 2>&1 || true if [ "$DRY_RUN" = true ]; then
run_or_print "remove containers" docker rm -f "${COURSE_CONTAINERS[@]}"
else
docker rm -f "${COURSE_CONTAINERS[@]}" >/dev/null 2>&1 || true
fi
print_success "Processed ${#COURSE_CONTAINERS[@]} container(s)" print_success "Processed ${#COURSE_CONTAINERS[@]} container(s)"
fi fi
if [ ${#COURSE_NETWORKS[@]} -gt 0 ]; then if [ ${#COURSE_NETWORKS[@]} -gt 0 ]; then
print_info "Removing course networks..." print_info "Removing course networks..."
run_or_print "remove networks" docker network rm "${COURSE_NETWORKS[@]}" >/dev/null 2>&1 || true if [ "$DRY_RUN" = true ]; then
run_or_print "remove networks" docker network rm "${COURSE_NETWORKS[@]}"
else
docker network rm "${COURSE_NETWORKS[@]}" >/dev/null 2>&1 || true
fi
print_success "Processed ${#COURSE_NETWORKS[@]} network(s)" print_success "Processed ${#COURSE_NETWORKS[@]} network(s)"
fi fi
if [ "$KEEP_VOLUMES" = false ] && [ ${#COURSE_VOLUMES[@]} -gt 0 ]; then if [ "$KEEP_VOLUMES" = false ] && [ ${#COURSE_VOLUMES[@]} -gt 0 ]; then
print_info "Removing course volumes..." print_info "Removing course volumes..."
run_or_print "remove volumes" docker volume rm "${COURSE_VOLUMES[@]}" >/dev/null 2>&1 || true if [ "$DRY_RUN" = true ]; then
run_or_print "remove volumes" docker volume rm "${COURSE_VOLUMES[@]}"
else
docker volume rm "${COURSE_VOLUMES[@]}" >/dev/null 2>&1 || true
fi
print_success "Processed ${#COURSE_VOLUMES[@]} volume(s)" print_success "Processed ${#COURSE_VOLUMES[@]} volume(s)"
elif [ "$KEEP_VOLUMES" = true ]; then elif [ "$KEEP_VOLUMES" = true ]; then
print_info "Skipping volume removal as requested" print_info "Skipping volume removal as requested"