Home

Enabler consists of:

all L1 components from SymbioteCloud
EnablerResourceManager
EnablerPlatformProxy
DomainSpecificInterface (this is specific for each enabler)
one or more EnablerLogic (project EnablerLogic is library for implementing specific one).

Deploying enabler with Docker

There are two ways to run docker:

directly (on linux)
docker-machine (previously boot2docker). ATTENTION: this can not be used on virtual machine because docker-machine starts new virtual machine

This influences how to expose port in virtual machine to local machine.

There are also 2 ways to expose ports and provide certificates:

production environment
- PRECONDITIONS:
  - machine that you are deploying needs to have public IP address
  - machine needs to have valid DNS address
  - certificate for HTTPS need to be obtained (you can obtain free certificate by using Let’s Encrypt - will be explained later in document)
- ports from docker containers will mapped only to localhost and only port 443 will be exposed
hackathon (ngrok) environment
- this is suitable for testing and to run everything in local machine
- it is using ngrok tool to expose HTTPS port on the Internet

1. Preparation steps

1.1. Register user and configure your platform.

When registering enabler make sure that the Type is Enabler.

When getting the platform configuration you have to enter the following options:

Deployment Type: Docker

1.2. Installation prerequisites:

docker (18.03.x),
docker-compose (1.21.x),
docker-machine (0.14.x),
bash,
curl,
wget

1.3. Create folder for your deployment

mkdir enabler
change to that directory (e.g. cd enabler)
unzip the configuration files to the directory from the .zip downloaded earlier
copy the docker-compose files:
- docker-compose-prod-swarm-L1.yml for running in production (without ngrok)
- docker-compose-ngrok-swarm-L1.yml to run ngrok
- docker-compose-swarm-enabler.yml for generic enabler components and
- docker-compose-swarm-enabler-custom.yml for custom implementation of enabler logic.
  - here are commands for downloading:

$ wget https://github.com/symbiote-h2020/SymbioteCloud/raw/master/resources/docker/docker-compose/L1/docker-compose-prod-swarm-L1.yml
$ wget https://github.com/symbiote-h2020/SymbioteCloud/raw/master/resources/docker/docker-compose/L1/docker-compose-ngrok-swarm-L1.yml
$ wget https://github.com/symbiote-h2020/SymbioteEnabler/raw/master/resources/docker/docker-compose/enabler/docker-compose-swarm-enabler.yml
$ wget https://github.com/symbiote-h2020/SymbioteEnabler/raw/master/resources/docker/docker-compose/enabler/docker-compose-swarm-enabler-custom.yml

In some YML files are parts that are configuring PROXY. If you use proxy it should be uncommented and changed according to your proxy server and if you do not use it please comment those parts by putting # in the beginning of line. Parameters related to proxy are: JAVA_HTTP_PROXY, JAVA_HTTPS_PROXY, JAVA_SOCKS_PROXY and JAVA_NON_PROXY_HOSTS.

Important Note:

The compose files have been configured to block incoming external traffic to components other than the nginx when docker compose is used. However, this is not possible when using docker swarm. Consequently, the Platform Owners need to block the incoming external traffic to components by using other means e.g. iptables in all the swarm nodes.

2. Configuring and starting components depending on your preferred deployment

Here is table with instructions based on preferred deployment:

Environment	docker directly (on linux)	docker-machine
production environment	section 2.1	section 2.2
hackathon environment (ngrok)	section 2.3	section 2.4

2.1. Production, without docker-machine (boot2docker)

Obtain certificate as described in https://github.com/symbiote-h2020/SymbioteCloud/wiki/2.1-Configuration-of-NGINX#2111-obtaining-the-ssl-certificate
- Create a directory nginx-certificates inside your enabler's directory $ mkdir nginx-certificates
- Copy certificates to nginx-certificates. e.g. for Let's Encrypt you have to do the following:
  $ sudo cp /etc/letsencrypt/live/{your domain}/fullchain.pem nginx-certificates
  $ sudo cp /etc/letsencrypt/live/{your domain}/privkey.pem nginx-certificates
Run docker swarm init if the node is not a swarm manager. We use the swarm mode so that secrets are encrypted during transit and at rest. Docker secrets are only available to swarm services and not to standalone containers.
To deploy the enabler you can run the following command:
docker stack deploy -c docker-compose-swarm-enabler.yml -c docker-compose-prod-swarm-L1.yml -c docker-compose-swarm-enabler-custom.yml symbiote-enabler
You can change the name of the service stack (symbiote-enabler) to be used.
You can run:
- docker stack ls to list the stack and check the number of services used.
- docker image ls to check that all images have been created. It may take a while to pull all the images from DockerHub for the first time.
- docker service ls to list the services and check their status. Wait until the actual number of tasks (replicas) for each service is not 0.
- docker logs <container_name> -f to get access to and follow the logs of a service. A component is ready when a message similar to Started <component_name> in 105.045 seconds (JVM running for 112.933) appears in the logs of the container.
- sudo service docker restart to restart the docker service if needed and repeat the steps.
Run docker stack rm symbiote-enabler to stop the application and remove the service stack. Services, networks, and secrets associated with the stack will be removed.
You can run docker swarm leave --force to leave the swarm.

2.2. Production, with docker-machine (boot2docker)

Obtain certificate as described previously in Section 2.1.1
The following command maps
- port 443 in default docker-machine (localhost:443) to
- local computer at port 443 on all interfaces (0.0.0.0:443)
  docker-machine ssh default -L 0.0.0.0:443:localhost:443
Run steps 2-6 as described previously in Section 2.1.

2.3. Hackathon, without docker-machine (boot2docker)

Before starting with hackathon environment you need to install ngrok (https://github.com/symbiote-h2020/SymbioteCloud/wiki/2.1-Configuration-of-NGINX#2121-ngrok).

Attention: If ngrok URL is different then in core then you have to change it and download new configuration.zip. Here are instructions:
- Update ngrok link in administration in core (see instructions)
- Download configuration.zip as stated in Section 1.1
- Unzip the configuration files to the enabler directory from the .zip downloaded in previous step
Run docker swarm init if the node is not a swarm manager. We use the swarm mode so that secrets are encrypted during transit and at rest. Docker secrets are only available to swarm services and not to standalone containers.
To deploy the enabler you can simply run:
docker stack deploy -c docker-compose-swarm-enabler.yml -c docker-compose-ngrok-swarm-L1.yml -c docker-compose-swarm-enabler-custom.yml symbiote-enabler
You can change the name of the service stack (symbiote-enabler) to be used.
You can run:
- docker stack ls to list the stack and check the number of services used.
- docker image ls to check that all images have been created. It may take a while to pull all the images from DockerHub for the first time.
- docker service ls to list the services and check their status. Wait until the actual number of tasks (replicas) for each service is not 0.
- docker logs <container_name> -f to get access to and follow the logs of a service. A component is ready when a message similar to 'Started <component_name> in 105.045 seconds (JVM running for 112.933)' appears in the logs of the container.
- sudo service docker restart to restart the docker service if needed and repeat the steps.
Run docker stack rm symbiote-enabler to stop the application and remove the service stack. Services, networks, and secrets associated with the stack will be removed.
You can run docker swarm leave --force to leave the swarm.

2.4. Hackathon, with docker-machine (boot2docker)

Before starting with hackathon environment you need to install ngrok (https://github.com/symbiote-h2020/SymbioteCloud/wiki/2.1-Configuration-of-NGINX#2121-ngrok).

Attention: If ngrok URL is different then in core then you have to change it and download new configuration.zip. Here are instructions:
- Update ngrok link in administration in core (see instructions)
- Download configuration.zip as stated in Section 1.1
- Unzip the configuration files to the enabler directory from the .zip downloaded in previous step
Start docker-machine by running docker-machine start default. Default is the name of virtual machine.
Set environment variables by running docker-machine env default and run last line that is on the screen. Setting environment variables depends on your computer where you run docker-machine.
Run docker swarm init if the node is not a swarm manager.
Run docker-machine ssh default -L 0.0.0.0:8102:localhost:8102.
To deploy the enabler run:
docker stack deploy -c docker-compose-swarm-enabler.yml -c docker-compose-ngrok-swarm-L1.yml -c docker-compose-swarm-enabler-custom.yml symbiote-enabler
You can change the name of the service stack (symbiote-enabler) to be used.
You can run:
- docker stack ls to list the stack and check the number of services used.
- docker image ls to check that all images have been created. It may take a while to pull all the images from DockerHub for the first time.
- docker service ls to list the services and check their status. Wait until the actual number of tasks (replicas) for each service is not 0.
- docker logs <container_name> -f to get access to and follow the logs of a service. A component is ready when a message similar to Started <component_name> in 105.045 seconds (JVM running for 112.933) appears in the logs of the container.
- sudo service docker restart to restart the docker service if needed and repeat the steps.
Run docker stack rm symbiote-enabler to stop the application and remove the service stack. Services, networks, and secrets associated with the stack will be removed.
You can run docker swarm leave --force to leave the swarm.