-
Notifications
You must be signed in to change notification settings - Fork 4
Finishing set up
In case you are unsure of a starting point, here are the following I've used for development:
- Both machines will have a custom security group with the following inbound rules:
- SSH on port 22
- Custom TCP on ports 8400, 8500, 8600, 4646-4648, 8300-8302, and 20000-60000 (Nomad allocates containers on these ports), and only traffic inside the network can communicate over these ports
For the machines with Manticore and HAProxy running, there are additional rules needed:
- Custom TCP on port 80, and traffic from anywhere can access this port. This is how users access Manticore's web page.
- Custom TCP on a port range that the machine does not use, and traffic from anywhere can access this port. It's the developer's responsibility to ensure that opening these ports are safe. This range will be used to open up ports for TCP connections from the SDL app to core
Most of the ports are for Consul and Nomad to communicate with each other across machines in the same network. Additionally, the Manticore API server requires a lot of resources for use with many pairs of cores and HMIs. Therefore it is highly recommended to run Manticore on at least a t2.medium machine. Manticore may refuse to start if it's on something such as a t2.small. See here for what resources Manticore needs to run.
sudo yum install docker -y
sudo service docker start
sudo yum install haproxy -y
sudo yum install git -y
There is no further configuration needed here.
You need Nodejs and NPM in order to install Nodejs packages and start Manticore. Here are the instructions for installing NVM, which can easily install different version of Nodejs for you.
# See https://www.digitalocean.com/community/tutorials/how-to-install-node-js-on-a-centos-7-server
curl -sL https://raw.githubusercontent.com/creationix/nvm/v0.31.0/install.sh -o install_nvm.sh
bash install_nvm.sh
source ~/.bash_profile
Now do nvm ls-remote to see available versions and run
nvm install <version string>
nvm use <version string>
nvm alias default <version string>
You can download it here. consul-template has the responsibility of using Consul to generate the HAProxy configuration file. You will need consul-template running on every machine with HAProxy and Manticore. The template for HAProxy is already set up for you in /consul-template/haproxy.tmpl. In order to run it you should make an HCL file similar to the following.
consul = "<IP of your local client agent>:8500"
template {
# source is the location of Manticore's haproxy template
source = "/home/ec2-user/manticore/consul-template/haproxy.tmpl"
# destination is where the template will render. you will likely use the location below
destination = "/etc/haproxy/haproxy.cfg"
# the command to execute when the configuration file is updated. reload haproxy. The last part is there so that consul-template doesn't die upon receiving a signal to stop by haproxy
command = "sudo service haproxy reload || true"
# this is REALLY important. you want to limit the number of times haproxy reloads
# or else race conditions with processes can start happening which lead to processes staying around forever
# and messing up everything. a minimum limit of 1 second should be good enough.
wait = "1s:3s"
}
Run consul-template in the background:
sudo consul-template -config <location of the HCL file you made above> &
You may need to give ownership of /etc/haproxy/ and the configuration file within depending on how you run consul-template
If you're using HAProxy, you need a domain name that Manticore can use in order to set up custom external urls. This may involve using Route 53 to get a domain name. This guide will not cover how to get one.