lucasacchi/laboratori-cloud
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
2f56df4dc3f3d9047a8b960cf9f5afb3cde4f825
laboratori-cloud/.planning/phases/04-lab-03-compute-ec2/04-03-PLAN.md
Luca Sacchi Ricciardi 23a9ffe443 feat(lab-03): complete Phase 4 - Compute & EC2 lab 
Phase Plans (5 files):
- 04-RESEARCH.md: Domain research on Docker limits, healthchecks, EC2 parallels
- 04-VALIDATION.md: Success criteria and validation strategy
- 04-01-PLAN.md: Test infrastructure (RED phase)
- 04-02-PLAN.md: Diátxis documentation
- 04-03-PLAN.md: Infrastructure implementation (GREEN phase)

Test Scripts (6 files, 1300+ lines):
- 01-resource-limits-test.sh: Validate INF-03 compliance
- 02-healthcheck-test.sh: Validate healthcheck configuration
- 03-enforcement-test.sh: Verify resource limits with docker stats
- 04-verify-infrastructure.sh: Infrastructure verification
- 99-final-verification.sh: End-to-end student verification
- run-all-tests.sh: Test orchestration with fail-fast
- quick-test.sh: Fast validation (<30s)

Documentation (11 files, 2500+ lines):
Tutorials (3):
- 01-set-resource-limits.md: EC2 instance types, Docker limits syntax
- 02-implement-healthchecks.md: ELB health check parallels
- 03-dependencies-with-health.md: depends_on with service_healthy

How-to Guides (4):
- check-resource-usage.md: docker stats monitoring
- test-limits-enforcement.md: Stress testing CPU/memory
- custom-healthcheck.md: HTTP, TCP, database healthchecks
- instance-type-mapping.md: Docker limits → EC2 mapping

Reference (3):
- compose-resources-syntax.md: Complete deploy.resources reference
- healthcheck-syntax.md: All healthcheck parameters
- ec2-instance-mapping.md: Instance type mapping table

Explanation (1):
- compute-ec2-parallels.md: Container=EC2, Limits=Instance Type, Healthcheck=ELB

Infrastructure:
- docker-compose.yml: 5 services (web, app, worker, db, stress-test)
  All services: INF-03 compliant (cpus + memory limits)
  All services: healthcheck configured
  EC2 parallels: t2.nano, t2.micro, t2.small, t2.medium, m5.large
- Dockerfile: Alpine 3.19 + stress tools + non-root user

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-03 15:16:58 +02:00

336 lines
8.9 KiB
Markdown
Raw Blame History

---
phase: 04-lab-03-compute-ec2
plan: 03
type: execute
wave: 2
depends_on:
- "04-01"
- "04-02"
files_modified:
- labs/lab-03-compute/docker-compose.yml
- labs/lab-03-compute/Dockerfile
- labs/lab-03-compute/tests/04-verify-infrastructure.sh
autonomous: true
requirements:
- LAB-03
- INF-01
- INF-03
- PARA-01
- PARA-02
- TEST-01
- TEST-05
user_setup: []
must_haves:
truths:
- "docker-compose.yml exists and is valid (docker compose config passes)"
- "All services have deploy.resources.limits.cpus set (INF-03)"
- "All services have deploy.resources.limits.memory set (INF-03)"
- "Services have appropriate healthchecks defined"
- "depends_on uses condition: service_healthy where appropriate"
- "Infrastructure verification passes all checks"
- "Cloud nomenclature follows EC2 instance patterns (PARA-02)"
artifacts:
- path: "labs/lab-03-compute/docker-compose.yml"
provides: "Compute infrastructure with limits and healthchecks"
min_lines: 100
- path: "labs/lab-03-compute/Dockerfile"
provides: "Test container image with stress tools"
min_lines: 25
- path: "labs/lab-03-compute/tests/04-verify-infrastructure.sh"
provides: "Infrastructure verification script"
min_lines: 100
key_links:
- from: "docker-compose.yml"
to: "tests/01-resource-limits-test.sh"
via: "Tests validate deploy.resources.limits"
pattern: "deploy:.*resources:.*limits"
- from: "docker-compose.yml"
to: "tests/02-healthcheck-test.sh"
via: "Tests validate healthcheck sections"
pattern: "healthcheck:"
- from: "docker-compose.yml"
to: "reference/compose-resources-syntax.md"
via: "Reference documents all resource options"
pattern: "deploy:.*resources"
- from: "docker-compose.yml"
to: "explanation/compute-ec2-parallels.md"
via: "Instance types mapped to EC2"
pattern: "# EC2|t2\\.micro|m5\\.large"
---
<objective>
Implement compute infrastructure for Lab 03 (Compute & EC2) with Docker Compose resource limits and healthchecks. Create docker-compose.yml with services that have mandatory CPU/memory limits (INF-03 compliance) and healthchecks for readiness verification.
Purpose: GREEN phase implementation - make tests from Plan 04-01 pass by implementing compute infrastructure with proper resource limits and healthchecks.
Output: docker-compose.yml with 4+ services, Dockerfile for test container, and infrastructure verification script.
</objective>
<execution_context>
@/home/luca/.claude/get-shit-done/workflows/execute-plan.md
@/home/luca/.claude/get-shit-done/templates/summary.md
</execution_context>
<context>
@.planning/REQUIREMENTS.md
@.planning/phases/04-lab-03-compute-ec2/04-RESEARCH.md
@.planning/phases/04-lab-03-compute-ec2/04-VALIDATION.md
@.planning/phases/03-lab-02-network-vpc/03-03-PLAN.md
@labs/lab-02-network/docker-compose.yml
# Infrastructure Requirements
## INF-03: Mandatory Resource Limits
**CRITICAL:** Every service MUST have:
```yaml
deploy:
resources:
limits:
cpus: 'X' # REQUIRED
memory: 'XG' # REQUIRED
```
**NON-COMPLIANT:**
```yaml
# Missing limits - INF-03 VIOLATION
services:
app:
image: nginx
# No deploy section
```
## Service Configuration
### Tier 1: Web Server (t2.micro parallel)
```yaml
web:
image: nginx:alpine
container_name: lab03-web
deploy:
resources:
limits:
cpus: '1'
memory: 1G
healthcheck:
test: ["CMD", "wget", "--quiet", "--tries=1", "--spider", "http://localhost/"]
interval: 10s
timeout: 5s
retries: 3
start_period: 5s
```
### Tier 2: Application Server (t2.small parallel)
```yaml
app:
image: nginx:alpine
container_name: lab03-app
deploy:
resources:
limits:
cpus: '1'
memory: 2G
depends_on:
web:
condition: service_healthy
healthcheck:
test: ["CMD", "wget", "--quiet", "--tries=1", "--spider", "http://localhost/"]
interval: 10s
timeout: 5s
retries: 3
```
### Tier 3: Worker (t2.medium parallel)
```yaml
worker:
image: alpine:3.19
container_name: lab03-worker
command: ["sh", "-c", "sleep 3600"]
deploy:
resources:
limits:
cpus: '2'
memory: 4G
healthcheck:
test: ["CMD-SHELL", "exit 0"]
interval: 30s
timeout: 5s
retries: 3
```
### Tier 4: Database (t2.medium parallel)
```yaml
db:
image: postgres:16-alpine
container_name: lab03-db
environment:
POSTGRES_DB: lab03_db
POSTGRES_USER: lab03_user
POSTGRES_PASSWORD: lab03_password
deploy:
resources:
limits:
cpus: '2'
memory: 4G
volumes:
- db-data:/var/lib/postgresql/data
healthcheck:
test: ["CMD-SHELL", "pg_isready -U lab03_user -d lab03_db"]
interval: 10s
timeout: 5s
retries: 5
start_period: 10s
```
### Test Container (for enforcement testing)
```yaml
stress-test:
image: polinux/stress
container_name: lab03-stress
command: ["--cpu", "1", "--vm", "1", "--vm-bytes", "256M", "--timeout", "30s"]
deploy:
resources:
limits:
cpus: '0.5'
memory: 512M
healthcheck:
test: ["CMD-SHELL", "exit 0"]
interval: 5s
timeout: 3s
retries: 3
```
# Dockerfile for Test Container
```dockerfile
# Dockerfile for Lab 03 - Compute & EC2
# Test container with stress testing tools
FROM alpine:3.19
# Create non-root user (INF-01 compliance)
RUN addgroup -g 1000 appgroup && \
adduser -D -u 1000 -G appgroup appuser
# Install stress testing tools
RUN apk add --no-cache \
stress \
curl \
&& rm -rf /var/cache/apk/*
# Switch to non-root user
USER appuser
WORKDIR /home/appuser
# Default command - ready for stress testing
CMD ["sh", "-c", "sleep 3600"]
```
# Healthcheck Best Practices
## HTTP Service Healthcheck
```yaml
test: ["CMD", "wget", "--quiet", "--tries=1", "--spider", "http://localhost/health"]
interval: 10s # Check every 10 seconds
timeout: 5s # Fail after 5 seconds
retries: 3 # Unhealthy after 3 failures
start_period: 5s # Grace period on startup
```
## Database Healthcheck
```yaml
test: ["CMD-SHELL", "pg_isready -U postgres || exit 1"]
interval: 10s
timeout: 5s
retries: 5 # More retries for DB (slower startup)
start_period: 10s # Longer grace period
```
## Simple Healthcheck
```yaml
test: ["CMD-SHELL", "exit 0"]
interval: 30s # Less frequent for simple checks
timeout: 3s
retries: 3
```
# Infrastructure Verification Script
Based on labs/lab-02-network/tests/04-verify-infrastructure.sh pattern:
## Verification Steps
1. **File Existence:** docker-compose.yml exists
2. **Syntax Validation:** docker compose config passes
3. **Resource Limits:** All services have cpus and memory limits
4. **Healthchecks:** All services have healthcheck sections
5. **INF-03 Compliance:** 100% of services have limits
6. **Deploy Services:** docker compose up -d succeeds
7. **Health Status:** Services become healthy
8. **Resource Enforcement:** docker stats shows limits
9. **Dependency Order:** Services start in correct order
10. **Final Report:** Pass/fail summary
# Cloud Nomenclature (PARA-02)
Service names should reflect EC2 instance parallels:
- `web` → Web tier (t2.micro)
- `app` → Application tier (t2.small)
- `worker` → Background processing (t2.medium)
- `db` → Database tier (t2.medium)
# Implementation Notes
1. **Version:** Use `version: "3.8"` for compatibility
2. **Networks:** Can reuse networks from Lab 02 or create new
3. **Volumes:** Use named volumes for database persistence
4. **Security:** Follow INF-01 (no root), INF-02 (no 0.0.0.0 bindings)
5. **Parallelism:** Comments should show EC2 equivalent
# Success Criteria
Plan 04-03 is complete when:
1. docker-compose.yml created with 4+ services
2. All services have resource limits (INF-03)
3. All services have healthchecks
4. docker compose config validates
5. Services deploy and become healthy
6. Infrastructure verification passes all checks
7. Tests from 04-01 now pass (GREEN phase)
</context>
<tasks>
1. Create labs/lab-03-compute/ directory structure
2. Create docker-compose.yml (100+ lines)
- Service: web (nginx, t2.micro: 1 CPU, 1G RAM)
- Service: app (nginx, t2.small: 1 CPU, 2G RAM)
- Service: worker (alpine, t2.medium: 2 CPU, 4G RAM)
- Service: db (postgres, t2.medium: 2 CPU, 4G RAM)
- Service: stress-test (enforcement testing)
- All services: deploy.resources.limits
- All services: healthcheck sections
- Proper depends_on with conditions
- Named volumes for database
3. Create Dockerfile (25+ lines)
- Alpine 3.19 base
- Non-root user (INF-01)
- Install stress tools
- Minimal and secure
4. Create tests/04-verify-infrastructure.sh (100+ lines)
- Verify docker-compose.yml exists
- Validate syntax
- Check INF-03 compliance
- Verify healthchecks
- Deploy and test services
- Check resource enforcement
- Final summary report
5. Test infrastructure:
- docker compose config
- docker compose up -d
- docker stats verification
- health status check
- docker compose down
</tasks>
Reference in New Issue View Git Blame Copy Permalink