Files
sriphat-dataplatform/document-obsidiant/2026-SRI-PJ-001 Sriphat AI Transformation/08-Operations-Runbook.md
jigoong a587be08bd feat: MinIO integration — bucket finance, API service upload, Nginx routing
- 01-infra/nginx-configs: add MinIO /minio/ and /minio-console/ location blocks
  (port 9000 S3 API, port 9001 Console UI, path stripping via rewrite)
- 03-apiservice: integrate MinIO minio-python SDK for file upload
  - requirements.txt: add minio==7.2.11
  - app/core/config.py: add MINIO_ENDPOINT, ACCESS_KEY, SECRET_KEY, BUCKET_FINANCE, USE_SSL
  - app/services/minio_client.py: new — upload_file(), get_presigned_url(), delete_file()
  - app/routes/pages.py: replace local /data/uploads/ write with MinIO upload to finance bucket
  - docker-compose.yml: pass MinIO env vars to container
  - .env.example: document MinIO vars
- 07-minio/.env.example: add MINIO_SVC_ACCESS_KEY/SECRET_KEY section
- 07-minio/README.md: add Python minio SDK and Airflow DAG usage guide
- CLAUDE.md: project context (servers, SSH, paths, service distribution)
- document-obsidiant/: initial Obsidian docs for all services
2026-05-20 17:42:39 +07:00

402 lines
8.7 KiB
Markdown

---
tags:
- project/sriphat
- operations
- runbook
- deployment
- troubleshooting
created: 2026-05-07
status: active
---
# Operations Runbook
## Quick Reference — Service Status
```bash
# ดู containers ทั้งหมดที่รันอยู่
docker ps
# ดู resource usage
docker stats
# ดู logs แบบ realtime (ผ่าน Dozzle)
# https://ai.sriphat.com/dozzle
```
---
## First-Time Deployment
### Prerequisites
- Docker + Docker Compose installed
- RAM ≥ 8 GB
- Disk ≥ 50 GB
- Port 80, 443 accessible
### Step 1: Setup Network
```bash
# สร้าง Docker network ร่วม
docker network create shared_data_network
```
### Step 2: Configure Environment
```bash
# Copy และแก้ไขค่า
cp .env.example .env.global
nano .env.global
# Supabase env
cd 02-supabase
cp .env.example .env
nano .env
# API Service env
cd ../03-apiservice
cp .env.example .env
nano .env
# MinIO env
cd ../07-minio
cp .env.example .env
nano .env
```
### Step 3: Start Services (ตามลำดับ)
```bash
# 1. Infrastructure (Nginx + Keycloak + PostgreSQL + Redis)
cd 01-infra
docker compose --env-file ../.env.global up -d
# รอ PostgreSQL พร้อม (~30 วินาที)
sleep 30
# 2. Supabase
cd ../02-supabase
docker compose up -d
# รอ Supabase DB พร้อม (~60 วินาที)
sleep 60
# 3. API Service
cd ../03-apiservice
docker compose --env-file ../.env.global up --build -d
# 4. Airflow (ถ้าใช้งาน)
cd ../05-airflow
docker compose up airflow-init # รอให้ init เสร็จ
docker compose up -d
# 5. Analytics (Superset)
cd ../06-analytics
docker compose --env-file ../.env.global build
docker compose --env-file ../.env.global up -d
# 6. MinIO
cd ../07-minio
docker compose up -d
```
### Step 4: Verify Services
```bash
docker ps --format "table {{.Names}}\t{{.Status}}\t{{.Ports}}"
```
Expected containers:
- `nginx-proxy-manager`
- `keycloak`
- `postgres`
- `redis`
- `dozzle`
- `sdp-supabase-db`
- `sdp-supabase-studio`
- `sdp-supabase-kong`
- `sdp-supabase-auth`
- `sdp-supabase-rest`
- `sdp-realtime-dev`
- `sdp-supabase-storage`
- `sdp-supabase-pooler`
- `sdp-supabase-analytics`
- `sdp-supabase-meta`
- `apiservice`
- `superset`
- `minio`
---
## Post-Installation Setup
### Setup Keycloak
1. เข้า `https://ai.sriphat.com/keycloak/admin`
2. Login ด้วย `KEYCLOAK_ADMIN` credentials
3. สร้าง Realm: `sriphat`
4. สร้าง Clients:
- `apiservice` (API Service)
- `superset-client` (Apache Superset)
- `minio-client` (MinIO)
- `airflow-client` (Apache Airflow)
5. เชื่อมต่อ LDAP/AD (optional)
### Initialize API Service
```bash
# เข้า Admin UI
https://ai.sriphat.com/apiservice/admin/
# สร้าง API Client และ Generate Key
curl -X POST "https://ai.sriphat.com/apiservice/admin/api-keys/generate" \
-H "Cookie: session=<admin-session>" \
-d "client_id=1&permissions=feed.checkpoint:write&name=his-key"
```
### Setup Superset Data Sources
1. เข้า `https://ai.sriphat.com/superset`
2. Settings → Database Connections → Add
3. เพิ่ม PostgreSQL:
```
postgresql://postgres:<password>@postgres:5432/postgres
```
---
## Daily Operations
### Start All Services
```bash
# Infrastructure
cd 01-infra && docker compose --env-file ../.env.global up -d && cd ..
# Supabase
cd 02-supabase && docker compose up -d && cd ..
# API Service
cd 03-apiservice && docker compose --env-file ../.env.global up -d && cd ..
# Airflow
cd 05-airflow && docker compose up -d && cd ..
# Analytics
cd 06-analytics && docker compose --env-file ../.env.global up -d && cd ..
# MinIO
cd 07-minio && docker compose up -d && cd ..
```
### Stop All Services
```bash
cd 01-infra && docker compose down && cd ..
cd 02-supabase && docker compose down && cd ..
cd 03-apiservice && docker compose down && cd ..
cd 05-airflow && docker compose down && cd ..
cd 06-analytics && docker compose down && cd ..
cd 07-minio && docker compose down && cd ..
```
---
## Backup & Restore
### Backup PostgreSQL (Infra)
```bash
# Backup ทั้ง database
docker exec postgres pg_dumpall -U postgres > backup_all_$(date +%Y%m%d_%H%M).sql
# Backup เฉพาะ database
docker exec postgres pg_dump -U postgres postgres > backup_postgres_$(date +%Y%m%d).sql
docker exec postgres pg_dump -U postgres superset > backup_superset_$(date +%Y%m%d).sql
docker exec postgres pg_dump -U postgres airflow > backup_airflow_$(date +%Y%m%d).sql
```
### Backup Supabase PostgreSQL
```bash
docker exec sdp-supabase-db pg_dump -U postgres postgres > backup_supabase_$(date +%Y%m%d).sql
```
### Backup MinIO
```bash
# ใช้ mc mirror
mc mirror sriphat/ ./minio-backup-$(date +%Y%m%d)/
# หรือ tar data directory
tar -czf minio-backup-$(date +%Y%m%d).tar.gz 07-minio/data/
```
### Restore PostgreSQL
```bash
# Restore
docker exec -i postgres psql -U postgres postgres < backup_postgres_20260501.sql
```
---
## Update Services
```bash
# Pull latest images
cd 01-infra && docker compose --env-file ../.env.global pull && cd ..
cd 02-supabase && docker compose pull && cd ..
cd 06-analytics && docker compose --env-file ../.env.global pull && cd ..
cd 07-minio && docker compose pull && cd ..
# Rebuild API Service (มี code changes)
cd 03-apiservice
docker compose --env-file ../.env.global build
docker compose --env-file ../.env.global up -d
```
---
## Troubleshooting
### PostgreSQL ไม่ start / connection refused
```bash
# ตรวจสอบ health
docker exec postgres pg_isready -U postgres
# ดู logs
docker logs postgres --tail 50
# Check schemas
docker exec postgres psql -U postgres -c "\dn"
```
### Keycloak ไม่ start
```bash
# ดู logs (มักเกิดจาก PostgreSQL ยังไม่พร้อม)
docker logs keycloak --tail 50
# Restart หลัง PostgreSQL พร้อม
docker restart keycloak
```
### API Service ไม่ connect database
```bash
# ตรวจสอบ network
docker network inspect shared_data_network
# ตรวจสอบ env vars
docker exec apiservice env | grep DB_
# Test connection จาก container
docker exec apiservice python -c "import psycopg2; psycopg2.connect(host='postgres', user='postgres', password='<pass>')"
```
### Supabase services unhealthy
```bash
# ตรวจสอบทุก container
docker ps --filter "name=sdp-"
# Restart ตามลำดับ dependency
docker restart sdp-supabase-db
sleep 10
docker restart sdp-supabase-analytics
sleep 10
docker restart sdp-supabase-kong
docker restart sdp-supabase-auth
docker restart sdp-supabase-rest
```
### Airflow worker ไม่ pick tasks
```bash
# ตรวจสอบ Redis connectivity
docker exec airflow-worker redis-cli -h redis ping
# ตรวจสอบ worker
docker logs airflow-worker --tail 50
# Restart worker
docker restart airflow-worker
```
### Nginx 502 Bad Gateway
```bash
# ตรวจสอบว่า backend container ทำงานอยู่
docker ps | grep <service-name>
# ตรวจสอบ logs
docker logs nginx-proxy-manager --tail 50
docker logs <service-name> --tail 50
# ตรวจสอบ network
docker network inspect shared_data_network | grep -A5 <service-name>
```
### MinIO ไม่ accessible
```bash
# Health check
curl -f http://localhost:9000/minio/health/live
# Logs
docker logs minio --tail 50
# Disk space
df -h
```
---
## Monitoring
### Dozzle (Docker Logs)
**URL:** `https://ai.sriphat.com/dozzle`
Dozzle monitor ทั้ง:
- Main server (local)
- Remote agent: `192.168.100.9:7007`
### Container Health
```bash
# ดู health status
docker ps --format "table {{.Names}}\t{{.Status}}\t{{.Health}}"
# ดู resource usage
docker stats --format "table {{.Name}}\t{{.CPUPerc}}\t{{.MemUsage}}"
```
---
## Access Points Summary
| Service | URL | Credentials |
|---------|-----|-------------|
| Nginx Proxy | `http://192.168.100.9:8020` | — |
| Keycloak Admin | `https://ai.sriphat.com/keycloak/admin` | `KEYCLOAK_ADMIN` |
| Supabase Studio | `https://ai.sriphat.com/supabase` | DB credentials |
| Supabase API | `https://ai.sriphat.com/supabase-api` | ANON_KEY / SERVICE_ROLE_KEY |
| API Service | `https://ai.sriphat.com/apiservice` | Admin credentials |
| Airflow | `https://ai.sriphat.com/airflow` | Airflow admin |
| Superset | `https://ai.sriphat.com/superset` | `SUPERSET_ADMIN_*` |
| MinIO Console | `https://ai.sriphat.com/minio-console` | `MINIO_ROOT_*` |
| MinIO API | `https://ai.sriphat.com/minio` | S3 credentials |
| Dozzle | `https://ai.sriphat.com/dozzle` | — (no auth default) |
---
## Related
- [[00-Project-Overview]]
- [[01-Infrastructure]]
- [[07-Security-Strategy]]