docs: correct loader-network reachability claim; refresh HOWTO env vars
Final-review must-fixes:
- HOWTO.md: drop CAMELEER_SERVER_RUNTIME_JARDOCKERVOLUME; add the three new artifact env vars (loaderimage / artifacttokenttlseconds / artifactbaseurl).
- DeploymentExecutor @PostConstruct WARN, handoff doc, and docker-orchestration rule no longer claim the loader uses cameleer-traefik. The loader runs on the PRIMARY Docker network only — additional networks are attached after startContainer returns, by which time the loader has exited. SaaS still works because the tenant's primary network hosts the tenant server.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
@@ -90,11 +90,15 @@ New env vars (`application.yml` defaults shown):
|
||||
|
||||
Removed: `CAMELEER_SERVER_RUNTIME_JARDOCKERVOLUME` — no longer needed (loader downloads via HTTP, not bind-mount).
|
||||
|
||||
`@PostConstruct` WARN logs at server startup if neither `artifactbaseurl` nor `serverurl` is set, pointing at the implicit `cameleer-server` Docker DNS dependency that only works on `cameleer-traefik`.
|
||||
`@PostConstruct` WARN logs at server startup if neither `artifactbaseurl` nor `serverurl` is set, pointing at the implicit `cameleer-server` Docker DNS dependency on the loader's primary network.
|
||||
|
||||
## Network reachability requirement
|
||||
|
||||
The loader container must be able to reach the Cameleer server over HTTP. In SaaS mode this works because `DockerNetworkManager` adds `cameleer-traefik` as an additional network for tenant containers, and the server is reachable on that network via the `cameleer-server` DNS alias. For non-SaaS topologies, set `CAMELEER_SERVER_RUNTIME_ARTIFACTBASEURL` to a URL the loader can reach.
|
||||
The loader container reaches the server over the **primary** Docker network only — `request.network()` in `ContainerRequest`, set from `CAMELEER_SERVER_RUNTIME_DOCKERNETWORK`. Additional networks (`cameleer-traefik`, per-env, etc.) are attached by `DockerNetworkManager.connectContainer` AFTER `startContainer` returns, by which time the loader has already exited — they are NOT available to the loader.
|
||||
|
||||
In SaaS mode this works because the tenant's primary network is `cameleer-tenant-{slug}` and the tenant's own `cameleer-server` instance is configured to run on that same network (`CAMELEER_SERVER_RUNTIME_DOCKERNETWORK=cameleer-tenant-{slug}` on the server's compose/manifest). The loader resolves `cameleer-server` via Docker DNS on the primary network and pulls the artifact directly.
|
||||
|
||||
For non-SaaS topologies (e.g. server on a different network from tenant containers), set `CAMELEER_SERVER_RUNTIME_ARTIFACTBASEURL` to a URL the loader can reach over its primary network.
|
||||
|
||||
## Documented but skipped
|
||||
|
||||
|
||||
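Review bot: In the rewritten "Network reachability requirement" section, the SaaS paragraph makes loader reachability depend on the server's own compose/manifest carrying `CAMELEER_SERVER_RUNTIME_DOCKERNETWORK=cameleer-tenant-{slug}`, yet the `@PostConstruct` WARN described earlier in the hunk only fires when neither `artifactbaseurl` nor `serverurl` is set, so a server that ends up on a different network than the loader's primary one gets no startup signal. Suggest adding a sentence that names the symptom an operator would see in that case (the loader failing to resolve `cameleer-server` on its primary network) and states that the WARN does not cover it. Since the "Removed" line says the loader downloads via HTTP, the non-SaaS paragraph could also say whether `CAMELEER_SERVER_RUNTIME_ARTIFACTBASEURL` is expected to stay on an internal network or to use HTTPS when it does not.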