cisagov / admiral

Distributed certificate transparency log harvester
Creative Commons Zero v1.0 Universal

Set up the admiral on one of the production CyHy instances #23

Open chelsgr opened 2 years ago

chelsgr commented 2 years ago

Summary

CISA operates a distributed certificate transparency log harvester (Admiral) to provide service in alignment with ED 19-01. This ticket tracks the need to host this scanner on a production CyHy instance.

Motivation and context

During this project's standup, given timeline impacts, the Admiral was initially run on a host machine. Since the original design and solution, the number of customers signed up has increased dramatically. Setting up the Admiral on a production CyHy instance will be in alignment with the rest of the system design and allow the scan to run through completion on the allocated CyHy instance.

mcdonnnj commented 2 years ago

The best "home" for this is probably the BOD Docker instance as this is where other Docker-ized projects currently run and would require the least amount of work. Another option is Fargate (with ECS) but this would require more work. However, if running the Admiral takes a long enough time then it may be the best option so as not to monopolize the Docker instance.

king-alexander commented 1 year ago

I successfully tested Admiral on the BOD Docker. One important thing to note: the deploy configuration option doesn't work with the BOD Docker's version of docker-compose. In order to replicate Cert Workers, we'll have to use Swarm mode.