Install nodes using Docker

Requirement

Docker version 1.12.0 or higher is required. This can be checked with the docker --version command:

$ docker --version
Docker version 1.12.0, build 8eab29e

For more information about Docker installation, see https://docs.docker.com/installation/

Image load

Using your docker image, eg DecisionInsightMessagingSystem_${release}_DockerImage_linux-x86-64.tar.gz and load it into the docker local image registry with the docker load command. The image loading can be verified with the command docker images:

$ docker load -i DecisionInsightMessagingSystem_${release}_DockerImage_linux-x86-64.tar.gz
$ docker images
REPOSITORY                              TAG               IMAGE ID            CREATED             VIRTUAL SIZE
axway/decisioninsight-messagingsystem   XXXXXXXX-XX       0123456789ab        3 minutes ago       175 MB

Container creation

A single image is distributed but 2 containers will be required. One for the orchestrator, one for the messaging server.

To create the container the following information are required:

  • the Decision Insight messaging system image name to be used, eg axway/decisioninsight-messagingsystem:XXXXXXXX-XX
  • the container name, which is a unique identifier for the Docker node, for example, dims_type_XXXXXXXX-XX
  • the host port on which the container services ports should be exposed (one per port listed in Network prerequisites)
  • the CMD_TYPE environment variable which indicates whether the image should run the orchestrator or the messaging server.

The container is created with the docker create command. The needed information are filled in this command line, then the container creation can be verified with the docker ps command

--pids-limit argument will prevent fork bombs by restricting the number of forks that can happen inside a container at a given time. --pids-limit is required to be at least 65536.

By default, CPU time is divided between containers equally. CPU sharing allows to prioritize one container over the other. Every new container will have 1024 shares of CPU by default. Use --cpu-shares argument (e.g: --cpu-shares 512 to use 50% of what the other containers use).

Orchestrator

Create an orchestrator
$ docker create --tty --interactive --volume /opt/dims/node --publish 2181:2181 --publish 2888:2888 --publish 3888:3888 --env CMD_TYPE="orchestrator" --read-only --pids-limit 65536 --cpu-shares 512 --name dims_orchestrator_XXXXXXXX-XX axway/decisioninsight-messagingsystem:XXXXXXXX-XX
a92ff2439e876f624ba1811a15296f61ca95256ac1f0d40fac389f6623165735
$ docker ps -a
CONTAINER ID        IMAGE                                               COMMAND                 CREATED             STATUS              PORTS               NAMES
f3b094761509        axway/decisioninsight-messagingsystem:XXXXXXXX-XX   "/docker-cmd.sh"        5 seconds ago                                               dims_orchestrator_XXXXXXXX-XX

Messaging server


Create a messaging server
$ docker create --tty --interactive --volume /opt/dims/node --publish 9092:9092 --env CMD_TYPE="messaging-server" --read-only --pids-limit 65536 --cpu-shares 512 --name dims_messaging-server_XXXXXXXX-XX axway/decisioninsight-messagingsystem:XXXXXXXX-XX
82270e01303aa17f416fb0367691dc06f4ad93152cb23d36248a071108b4c343
$ docker ps -a
CONTAINER ID        IMAGE                                               COMMAND                 CREATED             STATUS              PORTS               NAMES
f3b094761509        axway/decisioninsight-messagingsystem:XXXXXXXX-XX   "/docker-cmd.sh"        5 seconds ago                                               dims_messaging-server_XXXXXXXX-XX

For more information about Docker container security, see Docker runtime best practice

Configuration

Before being started, the nodes must be configured. The following steps must be performed:

  1. Launch a temporary container with the docker run command to be able to edit the nodeconfiguration files (see below)
    1. edit file /opt/dims/node/conf/{NODE_TYPE}/platform.properties
    2. edit file /opt/dims/node/conf/{NODE_TYPE}/jvm.conf

Orchestrator

See Orchestrator for the configuration options of the orchestrator.

Configure an orchestrator
$ docker run --rm --tty --interactive --user dims-admin --volumes-from=dims_orchestrator_XXXXXXXX-XX axway/decisioninsight-messagingsystem:XXXXXXXX-XX /bin/sh
/ # vi /opt/dims/node/conf/orchestrator/jvm.conf
/ # vi /opt/dims/node/conf/orchestrator/platform.properties
/ # exit

Messaging server

See Messaging server for the configuration options of the messaging server.

When using docker there is one extra line to add in the platform.properties

You are advised to configure TLS on the messaging system to secure your deployment and use it in Axway Decision Insight, see TLS Configuration.

# For example, if you have the following line in your configuration
#    listeners=SSL://0.0.0.0:9092
# Then you need to add this next one (and replace the <hostname>)
advertised.listeners=SSL://<hostname>:9092
Configure a messaging server
# Considering that you have a folder /host/path/to/cert with a keystore and a trust store
$ docker run --rm --tty --interactive --user dims-admin --volumes-from=dims_messaging-server_XXXXXXXX-XX --volume /host/path/to/cert:/tmp/cert axway/decisioninsight-messagingsystem:XXXXXXXX-XX /bin/sh
/ # cp /tmp/cert/*.jks /opt/dims/node/conf/messaging-server
/ # vi /opt/dims/node/conf/messaging-server/jvm.conf
/ # vi /opt/dims/node/conf/messaging-server/platform.properties
/ # exit 

Related Links