Accenture / adop-docker-compose

Talk to us on Gitter: https://gitter.im/Accenture/ADOP
https://accenture.github.io/adop-docker-compose
Apache License 2.0
767 stars 573 forks source link

Accessing the ADOP EC2 to manage/monitor the ADOP containers after successful quickstart.sh #257

Open DJLordGee opened 7 years ago

DJLordGee commented 7 years ago

Hi,

I've successfully installed the ADOP on an AWS in EC2 (automatically created) using the quickstart.sh, however it has come to my attention that once this is done if the user needs to stop/restart the EC2 hosting the containers there are no clear means to access (ssh) into the EC2 to manage/monitor the containers as the private key are not clearly provided during/after the install process (and access to the EC2 via CLI can only be done using private key at that stage).

Under these circumstances how do I get access to the EC2 in order to manage/monitor the ADOP containers?

If you could provide clear instructions on how to do this it would be much appreciated.

Thanks

TheTechOddBug commented 7 years ago

Have you used quickstart.sh from a remote machine? In that case, there is a docker-machine connection within the host from where you launched quickstart.sh. From there, you can connect to ADOP instance using "docker-machine ssh " command. If you have any issue regarding certificates, you can use regenerate-certs command. In addition, in the host from where you launched quickstart.sh, inside docker-machine path exists a folder for the ADOP instance and inside it you can find the certificates shared between that host and ADOP instance.

DJLordGee commented 7 years ago

Thanks for that information. At least it allows me to ssh into the EC2 created.

However my objective is to be in a position to monitor/manage the containers and trying to run a 'docker-compose ps' for example proves to be unsuccessful even after sourcing the the env.config.sh and env.provider.sh files.

What needs to be done in order to manage/monitor the ADOP containers (running in the EC2) remotely?

DJLordGee commented 7 years ago

I've actually realised that once I ssh onto the EC2 I could do a 'sudo docker ps' to list the containers running on the machine, but from an operations/maintenance point of view, assuming I want to restart/stop individual containers would I :

a) be able to stop and restart the different containers directly from there without issue? OR

b) would I need to execute a specific command from my remote laptop (which has docker-machine) ONLY to start/stop one or all the containers on the existing EC2? OR

c) have to rebuild everything from scratch (i.e. rerun quickstart.sh and recreate a new EC2) ?

TheTechOddBug commented 7 years ago

First, the issue regarding to remote monitoring of containers is not an ADOP issue but a docker/docker-machine issue. In any case, if you execute "eval $(docker-machine env [adop-instance-name])" from a bash console, you can, after that, execute docker commands (like docker ps) and you'll get the information from the docker daemon running on the ADOP instance.

Other point to take in mind regarding to monitoring is the fact that ADOP platform has an ELK stack running. You can use Kibana to review the logs from all the containers inside the platform.

And talking about containers management, you can restart any container using the method you want (i.e., from ADOP instance connected through ssh; using docker-machine remote connection;...). Be aware that some containers (like, for example, LDAP container) are needed to access to the running platform.

I hope this can help you.

nickdgriffin commented 7 years ago

In regard to managing the containers, we have the "compose" part of the ADOP CLI for that: https://accenture.github.io/adop-docker-compose/docs/reference/cli/compose/

This is what quickstart uses to set everything up, and also what you can use to launch ADOP on an existing Docker Engine. It takes care of sourcing all the right stuff so that you can run Compose commands against everything. It's certainly possible to do that by hand through sourcing, but the CLI is there to make it easier for you.