DOCKER_DEPLOYMENT.md

Docker Deployment Guide

Complete guide for containerizing and deploying HonestLiar on AWS ECS, EKS, or EC2.

📋 Table of Contents

• Quick Start with Docker Compose
• AWS ECR Setup
• AWS ECS Deployment
• AWS EKS Deployment
• EC2 Deployment
• Production Best Practices

---

🚀 Quick Start with Docker Compose

Prerequisites

• Docker 20.10+
• Docker Compose 2.0+

Local Development

1. Copy environment file:

   cp .env.docker .env

2. Edit .env file with your configuration

3. Start all services:

   docker-compose up -d

4. Access the application:

   • Frontend: http://localhost:3000
   • Backend API: http://localhost:3001
   • MongoDB: localhost:27017

5. View logs:

   docker-compose logs -f

6. Stop services:

   docker-compose down

Production Mode with Nginx

docker-compose --profile production up -d

This includes an Nginx reverse proxy on port 80.

---

🏗️ Building Docker Images

Build Manually

Backend:

cd backend
docker build -t honestliar-backend:latest .

Frontend:

cd frontend
docker build -t honestliar-frontend:latest \
  --build-arg VITE_API_URL=http://your-backend-url:3001 .

Test Images Locally

# Test backend
docker run -p 3001:3001 \
  -e STORAGE_TYPE=memory \
  honestliar-backend:latest

# Test frontend
docker run -p 8080:8080 \
  honestliar-frontend:latest

---

☁️ AWS ECR Setup

Create ECR Repositories

aws ecr create-repository --repository-name honestliar-backend --region us-east-1
aws ecr create-repository --repository-name honestliar-frontend --region us-east-1

Push Images to ECR

Use the provided script:

chmod +x scripts/build-and-push.sh
./scripts/build-and-push.sh <AWS_ACCOUNT_ID> <AWS_REGION> <VERSION>

Example:

./scripts/build-and-push.sh 123456789012 us-east-1 v1.0.0

Manual Push

# Login to ECR
aws ecr get-login-password --region us-east-1 | \
  docker login --username AWS --password-stdin \
  123456789012.dkr.ecr.us-east-1.amazonaws.com

# Tag images
docker tag honestliar-backend:latest \
  123456789012.dkr.ecr.us-east-1.amazonaws.com/honestliar-backend:latest

docker tag honestliar-frontend:latest \
  123456789012.dkr.ecr.us-east-1.amazonaws.com/honestliar-frontend:latest

# Push images
docker push 123456789012.dkr.ecr.us-east-1.amazonaws.com/honestliar-backend:latest
docker push 123456789012.dkr.ecr.us-east-1.amazonaws.com/honestliar-frontend:latest

---

🐳 AWS ECS Deployment

Prerequisites

1. VPC with subnets
2. Security groups (allow ports 80, 443, 3001, 8080)
3. Application Load Balancer (optional)
4. ECS Cluster

Create ECS Cluster

aws ecs create-cluster --cluster-name honestliar-cluster

Setup IAM Roles

Task Execution Role (for pulling images):

aws iam create-role \
  --role-name ecsTaskExecutionRole \
  --assume-role-policy-document file://aws/ecs-task-execution-role.json

aws iam attach-role-policy \
  --role-name ecsTaskExecutionRole \
  --policy-arn arn:aws:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy

Store Secrets in AWS Secrets Manager

aws secretsmanager create-secret \
  --name honestliar/mongodb-uri \
  --secret-string "mongodb://admin:password@mongodb.example.com:27017/honestliar"

Update Task Definition

Edit aws/ecs-task-definition.json:

• Replace <AWS_ACCOUNT_ID> with your account ID
• Replace <AWS_REGION> with your region
• Update image URIs
• Update secret ARNs

Register Task Definition

aws ecs register-task-definition \
  --cli-input-json file://aws/ecs-task-definition.json

Create ECS Service

aws ecs create-service \
  --cluster honestliar-cluster \
  --service-name honestliar-service \
  --cli-input-json file://aws/ecs-service.json

Deploy Updates

Use the provided script:

chmod +x scripts/deploy-ecs.sh
./scripts/deploy-ecs.sh honestliar-cluster honestliar-service

---

☸️ AWS EKS Deployment

Prerequisites

1. EKS Cluster running
2. kubectl configured
3. AWS CLI configured

Create EKS Cluster

eksctl create cluster \
  --name honestliar-cluster \
  --region us-east-1 \
  --nodegroup-name standard-workers \
  --node-type t3.medium \
  --nodes 3 \
  --nodes-min 2 \
  --nodes-max 4 \
  --managed

Update Kubeconfig

aws eks update-kubeconfig \
  --name honestliar-cluster \
  --region us-east-1

Update Kubernetes Manifests

Edit kubernetes/deployment.yaml:

• Replace <AWS_ACCOUNT_ID> with your account ID
• Replace <AWS_REGION> with your region
• Update image URIs
• Update secrets

Deploy to EKS

Deploy application:

kubectl apply -f kubernetes/deployment.yaml

Deploy ingress (optional):

kubectl apply -f kubernetes/ingress.yaml

Verify Deployment

# Check pods
kubectl get pods -n honestliar

# Check services
kubectl get services -n honestliar

# Check ingress
kubectl get ingress -n honestliar

# View logs
kubectl logs -f deployment/backend -n honestliar

Deploy Updates

Use the provided script:

chmod +x scripts/deploy-eks.sh
./scripts/deploy-eks.sh honestliar-cluster us-east-1

---

🖥️ EC2 Deployment

Prerequisites

1. EC2 instance with Docker installed
2. Security group allowing ports 80, 443, 3000, 3001
3. Elastic IP (recommended)

Setup EC2 Instance

# SSH into EC2
ssh -i your-key.pem ec2-user@your-ec2-ip

# Install Docker
sudo yum update -y
sudo yum install docker -y
sudo systemctl start docker
sudo systemctl enable docker
sudo usermod -a -G docker ec2-user

# Install Docker Compose
sudo curl -L "https://github.com/docker/compose/releases/latest/download/docker-compose-$(uname -s)-$(uname -m)" \
  -o /usr/local/bin/docker-compose
sudo chmod +x /usr/local/bin/docker-compose

# Logout and login again for group changes
exit

Deploy Application

# Clone repository
git clone https://github.com/yourusername/honestliar-game.git
cd honestliar-game

# Copy and edit environment file
cp .env.docker .env
nano .env

# Start services
docker-compose -f docker-compose.yml -f docker-compose.prod.yml up -d

# View logs
docker-compose logs -f

Setup Auto-restart on Boot

Create systemd service file:

sudo nano /etc/systemd/system/honestliar.service

[Unit]
Description=HonestLiar Game
Requires=docker.service
After=docker.service

[Service]
Type=oneshot
RemainAfterExit=yes
WorkingDirectory=/home/ec2-user/honestliar-game
ExecStart=/usr/local/bin/docker-compose -f docker-compose.yml -f docker-compose.prod.yml up -d
ExecStop=/usr/local/bin/docker-compose down
TimeoutStartSec=0

[Install]
WantedBy=multi-user.target

Enable service:

sudo systemctl enable honestliar.service
sudo systemctl start honestliar.service

Setup SSL with Let's Encrypt

# Install certbot
sudo yum install certbot -y

# Get certificate
sudo certbot certonly --standalone -d your-domain.com

# Copy certificates
sudo mkdir -p nginx/ssl
sudo cp /etc/letsencrypt/live/your-domain.com/fullchain.pem nginx/ssl/cert.pem
sudo cp /etc/letsencrypt/live/your-domain.com/privkey.pem nginx/ssl/key.pem

# Update nginx config to enable HTTPS
# Uncomment HTTPS server block in nginx/nginx.conf

# Restart services
docker-compose restart

---

🔒 Production Best Practices

Security

1. Use HTTPS with valid SSL certificates
2. Enable authentication for MongoDB
3. Use AWS Secrets Manager for sensitive data
4. Enable CloudWatch logs for monitoring
5. Setup VPC with private subnets
6. Use security groups to restrict access
7. Enable AWS WAF for DDoS protection

Monitoring

1. CloudWatch Metrics:

   # Enable Container Insights (ECS)
   aws ecs update-cluster-settings \
     --cluster honestliar-cluster \
     --settings name=containerInsights,value=enabled

2. Application Logs:

   • ECS: CloudWatch Logs
   • EKS: CloudWatch Container Insights
   • EC2: Docker logs + CloudWatch agent

3. Health Checks:

   • Backend: http://backend:3001/health
   • Frontend: http://frontend:8080/health

Scaling

ECS Auto Scaling:

aws application-autoscaling register-scalable-target \
  --service-namespace ecs \
  --scalable-dimension ecs:service:DesiredCount \
  --resource-id service/honestliar-cluster/honestliar-service \
  --min-capacity 2 \
  --max-capacity 10

EKS Auto Scaling: Already configured in kubernetes/deployment.yaml with HorizontalPodAutoscaler.

Backup

MongoDB Backup (if using managed MongoDB):

# Create backup
docker exec honestliar-mongodb mongodump --out /data/backup

# Schedule daily backups
0 2 * * * docker exec honestliar-mongodb mongodump --out /data/backup/$(date +\%Y\%m\%d)

Updates

Rolling Updates (ECS):

./scripts/deploy-ecs.sh honestliar-cluster honestliar-service

Rolling Updates (EKS):

kubectl rollout restart deployment/backend -n honestliar
kubectl rollout restart deployment/frontend -n honestliar

Zero-Downtime Updates (EC2):

docker-compose pull
docker-compose up -d --no-deps --build

---

🧪 Testing Deployment

Smoke Tests

# Test backend health
curl http://your-domain:3001/health

# Test frontend
curl http://your-domain:3000

# Test WebSocket connection
wscat -c ws://your-domain:3001/socket.io/

Load Testing

# Install Apache Bench
sudo yum install httpd-tools -y

# Test backend
ab -n 1000 -c 10 http://your-domain:3001/health

# Test frontend
ab -n 1000 -c 10 http://your-domain:3000/

---

🆘 Troubleshooting

Check Logs

Docker Compose:

docker-compose logs -f backend
docker-compose logs -f frontend

ECS:

aws logs tail /ecs/honestliar-backend --follow

EKS:

kubectl logs -f deployment/backend -n honestliar
kubectl describe pod <pod-name> -n honestliar

Common Issues

1. Container won't start:

   • Check environment variables
   • Verify MongoDB connection
   • Check health check logs

2. Cannot connect to backend:

   • Verify security groups
   • Check CORS settings
   • Verify load balancer configuration

3. High CPU/Memory:

   • Scale up resources
   • Enable auto-scaling
   • Check for memory leaks

---

📚 Additional Resources

• Docker Documentation
• AWS ECS Documentation
• AWS EKS Documentation
• Kubernetes Documentation

---

Need help? Open an issue on GitHub or check our Contributing Guide.