Added parallel light compose config (#196)

* Added parallel light compose config. Refactored all ION to outside of ANMS deployment.

* updated sockdir for amp-manager and ion-manger to and external volume

* Move host mount source to env config

* Update README.md

---------

Co-authored-by: David Linko <david.linko@jhuapl.edu>

Author: BrianSipos

.env

@@ -51,6 +51,10 @@ RENDERER_PORT=8081
 RENDERER_HOST_PORT=${DOCKER_CTR_PREFIX}grafana-image-renderer:${RENDERER_PORT}
 ION_MGR_PORT=8089
 HTTP_PORT:80
-SOCKDIR=/var/tmp/nm
+
+# Path (or volume name) on the host
+HOST_SOCKDIR=sockdir
+# Mount path on the containers
+CTR_SOCKDIR=/var/tmp/nm
 
 ADM_PATH=deps/dtnma-adms

.gitignore

@@ -4,6 +4,9 @@
 *~
 #*
 .#*
+.DS_Store
+.project
+.cproject
 
 # Python intermediates
 __pycache__
@@ -21,7 +24,3 @@ node_modules
 package-lock.json
 
 ion/configs/**/logs
-
-docker_data/grafana_vol
-
-.DS_Store

README.md

@@ -87,22 +87,27 @@ Choose the appropriate docker, podman or podman-compose commands in the directio
 - Clone this repository recursively (`git clone --recursive https://github.com/NASA-AMMOS/anms.git`)
 - Setup Volume containing PKI configuration (certificate chains and private keys):
   - `./create_volume.sh ./puppet/modules/apl_test/files/anms/tls`
-- Build Core Images using either:
-  - `docker compose build`
-  - `podman compose build`
-  - `podman-compose --podman-build-args='--format docker' build`
+- Build Core Images using one of the following:
+  - `docker compose -f docker-compose.yml build`
+  - `podman compose -f docker-compose.yml build`
+  - `podman-compose --podman-build-args='--format docker' -f docker-compose.yml build`
     - Note: The docker format argument here enables suppoort for HEALTHCHECK. If omitted, the system will run but will be unable to report the health of the system.  This flag does not appear necessary when using the no-dash version of compose.
-- Build Agent images
+- Build test environemnt images using one of the following:
   - `docker compose -f testenv-compose.yml build`
   - `podman compose -f testenv-compose.yml build`
-  - `podman-compose -f testenv-compose.yml --podman-build-args='--format docker' build`
-- Start System. Note: You may omit the `-d` argument to keep logs in the foreground.
-  - `docker compose up -d`
-  - `podman compose up -d`
-- Start additional ION Agent Nodes
+  - `podman-compose --podman-build-args='--format docker' -f testenv-compose.yml build`
+- Start System using one of the following:
+  - `docker compose -f docker-compose.yml up -d`
+  - `podman compose -f docker-compose.yml up -d`
+- Start ION nodes for manager and test agents using one of the following:
   - `docker compose -f testenv-compose.yml up -d`
   - `podman compose -f testenv-compose.yml up -d`
 
+### Alternative "light" Deployment
+
+In the above steps, replacing `docker-compose.yml` with `light-compose.yml` will cause a "light" deployment of the ANMS focused on browser-less API-only ANMS users.
+This compose config is explained in more detail in the ANMS Product Guide, but simply removes containers that only support web-browser user agents.
+
 ### Alternative Build.sh setup script (deprecated, docker-only)
 The ANMS repository contains a build script which will build and run multiple Docker containers.
 These containers comprise the ANMS software and services, including demonstration AMP agents running on non-ANMS containers.

create_volume.sh

@@ -45,3 +45,6 @@ do
 done
 
 ${DOCKER_CMD} stop ${CTRNAME} >/dev/null
+
+# creating socket volume 
+${DOCKER_CMD} volume create sockdir    

deps/dtnma-tools

@@ -106,8 +106,6 @@ COPY --chmod=755 dtnma-tools/systemd/service_is_running.sh /usr/local/bin/servic
 # Test tools
 RUN apt-get update && apt-get install -y \
     curl git tshark postgresql-client
-RUN pip3 install --break-system-packages git+https://github.com/JHUAPL-DTNMA/dtnma-ace.git@apl-fy24
-RUN git clone --branch apl-fy24 https://github.com/JHUAPL-DTNMA/dtnma-adms.git /usr/local/share/ace/adms
 
 # REFDA and REFDM to test
 RUN apt-get update && apt-get install -y \
@@ -146,6 +144,7 @@ EXPOSE 8089/tcp
 HEALTHCHECK --start-period=10s --interval=30s --timeout=5s --retries=5 \
     CMD ["service_is_running", "refdm-proxy"]
 
+
 FROM testenv AS ion-manager
 
 # Systemd services
@@ -158,6 +157,8 @@ RUN systemctl enable ion bpecho@4 ion-app-proxy dumpcap && \
 # Runtime config for this container
 COPY dtnma-tools/integration-test-ion/node-*.rc /etc/ion/
 COPY test-ion-configs/mgr.rc etc/ion/
+
+EXPOSE 1113/udp
 EXPOSE 4556/udp
 
 HEALTHCHECK --start-period=10s --interval=30s --timeout=5s --retries=5 \
@@ -180,6 +181,7 @@ COPY test-ion-configs/agent-3.rc /etc/ion/node-3.rc
 # COPY test-ion-configs/agent-2.rc etc/ion/
 # COPY test-ion-configs/agent-3.rc etc/ion/
 
+EXPOSE 1113/udp
 EXPOSE 4556/udp
 
 HEALTHCHECK --start-period=10s --interval=30s --timeout=5s --retries=5 \

deps/reftools.Dockerfile

@@ -30,23 +30,18 @@ name: anms
 networks:
   default:
     name: ${DOCKER_CTR_PREFIX}anms
-    attachable: true
     driver_opts:
       com.docker.network.bridge.name: br-${DOCKER_CTR_PREFIX}anms
       com.docker.network.driver.mtu: 65535
-    ipam:
-      config:
-        - subnet: 10.5.0.0/16
-          gateway: 10.5.0.1
+
 volumes:
   grafana-data: {}
   postgres-data: {}
   opensearch: {}
   ammos-tls:
     external: true
   sockdir:
-    # shared sockets
-
+    external: true
 
 services:
   builder-base:
@@ -88,8 +83,7 @@ services:
       AGENT_NAME: ${CAM_AGENT_NAME}
       AGENT_PASSWORD: ${CAM_AGENT_PASSWORD}
       CAM_GW_URL: "https://${ANMS_GW_FQDN}:443/"
-      PROXY_URLS: "core,http://anms-core:5555 grafana,http://grafana:3000 grafana/api/live,http://grafana:3000 renderer,http://grafana-image-renderer:8081 adminer,http://adminer:8080 nm,http://ion-manager:8089 http://anms-ui:9030"
-      NOT_ENFORCED_URLS: "http://nginx/favicon.ico"
+      PROXY_URLS: "core,http://anms-core:5555 grafana,http://grafana:3000 grafana/api/live,http://grafana:3000 renderer,http://grafana-image-renderer:8081 adminer,http://adminer:8080 nm,http://amp-manager:8089 http://anms-ui:9030"
     volumes:
       - ammos-tls:/ammos/etc/pki/tls:ro
 
@@ -179,50 +173,6 @@ services:
       mqtt-broker:
         condition: service_healthy
 
-  grafana:
-    hostname: grafana
-    image: ${DOCKER_IMAGE_PREFIX}anms-grafana:${DOCKER_IMAGE_TAG}
-    build:
-      # NOTE: Custom image currently needed only for SSL-cert purposes
-      context: grafana
-    restart: unless-stopped
-    security_opt:
-      - "label=type:grafana.process"
-    ports:
-      - "${GRAFANA_PORT:-3000}:3000"
-    depends_on:
-      - grafana-image-renderer
-    environment:
-      - GF_RENDERING_SERVER_URL=http://${RENDERER_HOST_PORT}/render
-      - GF_RENDERING_CALLBACK_URL=http://${GRAFANA_HOST_PORT}/
-      - GF_SERVER_ROOT_URL=http://${ANMS_GW_FQDN}/grafana/
-    volumes:
-      - "grafana-data:/var/lib/grafana"
-
-  grafana-image-renderer:
-    hostname: grafana-image-renderer
-    image: docker.io/grafana/grafana-image-renderer
-    restart: unless-stopped
-    security_opt:
-      - "label=type:grafana-image-renderer.process"
-    ports:
-      - "${RENDERER_PORT:-8081}:8081"
-
-  redis:
-    hostname: redis
-    image: docker.io/library/redis:6.0-alpine
-    restart: unless-stopped
-    security_opt:
-      - "label=type:redis.process"
-    ports:
-      - "${REDIS_PORT:-6379}:6379"
-    healthcheck:
-      test: ["CMD", "redis-cli" ,"-h", "localhost", "ping"]
-      interval: 15s
-      timeout: 60s
-      retries: 5
-    command: redis-server --databases 1 --bind 0.0.0.0 --port ${REDIS_PORT:-6379}
-
   aricodec:
     hostname: aricodec
     image: ${DOCKER_IMAGE_PREFIX}aricodec:${DOCKER_IMAGE_TAG}
@@ -272,6 +222,51 @@ services:
       DB_PASSWORD: ${DB_PASSWORD}
       DB_NAME: ${DB_NAME}
       REDIS_URI_HOSTNAME: redis
+
+  grafana:
+    hostname: grafana
+    image: ${DOCKER_IMAGE_PREFIX}anms-grafana:${DOCKER_IMAGE_TAG}
+    build:
+      # NOTE: Custom image currently needed only for SSL-cert purposes
+      context: grafana
+    restart: unless-stopped
+    security_opt:
+      - "label=type:grafana.process"
+    ports:
+      - "${GRAFANA_PORT:-3000}:3000"
+    depends_on:
+      - grafana-image-renderer
+    environment:
+      - GF_RENDERING_SERVER_URL=http://${RENDERER_HOST_PORT}/render
+      - GF_RENDERING_CALLBACK_URL=http://${GRAFANA_HOST_PORT}/
+      - GF_SERVER_ROOT_URL=http://${ANMS_GW_FQDN}/grafana/
+    volumes:
+      - "grafana-data:/var/lib/grafana"
+
+  grafana-image-renderer:
+    hostname: grafana-image-renderer
+    image: docker.io/grafana/grafana-image-renderer
+    restart: unless-stopped
+    security_opt:
+      - "label=type:grafana-image-renderer.process"
+    ports:
+      - "${RENDERER_PORT:-8081}:8081"
+
+  redis:
+    hostname: redis
+    image: docker.io/library/redis:6.0-alpine
+    restart: unless-stopped
+    security_opt:
+      - "label=type:redis.process"
+    ports:
+      - "${REDIS_PORT:-6379}:6379"
+    healthcheck:
+      test: ["CMD", "redis-cli" ,"-h", "localhost", "ping"]
+      interval: 15s
+      timeout: 60s
+      retries: 5
+    command: redis-server --databases 1 --bind 0.0.0.0 --port ${REDIS_PORT:-6379}
+
   anms-core:
     hostname: anms-core
     image: ${DOCKER_IMAGE_PREFIX}anms-core:${DOCKER_IMAGE_TAG}
@@ -295,22 +290,13 @@ services:
       builder-acelib:
         # Not expected to run, but needed here to ensure build dependency
         condition: service_started
-      ion-manager:
+      amp-manager:
         condition: service_started
       postgres:
         condition: service_healthy
       mqtt-broker:
         condition: service_healthy
 
-  adminer:
-    hostname: adminer
-    image: docker.io/library/adminer:latest
-    restart: unless-stopped
-    security_opt:
-      - "label=type:adminer.process"
-    ports:
-      - "${ADMINER_PORT:-8080}:8080"
-
   amp-manager:
     hostname: amp-manager
     build:
@@ -322,94 +308,21 @@ services:
     depends_on:
       postgres:
         condition: service_healthy
-      ion-manager:
-        condition: service_started
+      # no strict dependence on testenv, but operational dependence
     privileged: true
     tty: true
     cap_add:
       - NET_ADMIN
       - NET_RAW
       - SYS_NICE
     volumes:
-      - "sockdir:${SOCKDIR}"
+      - "${HOST_SOCKDIR}:${CTR_SOCKDIR}"
     environment:
       container: docker
       DTNMA_LOGLEVEL: debug
-      AMP_PROXY_SOCKET: "${SOCKDIR}/proxy.sock"
+      AMP_PROXY_SOCKET: "${CTR_SOCKDIR}/proxy.sock"
       DB_HOST: postgres
       DB_USER: ${DB_USER}
       DB_PASSWORD: ${DB_PASSWORD}
       DB_NAME: ${DB_NAME}
 
-  ion-manager:
-    hostname: ion-manager
-    build:
-      context: deps
-      dockerfile: reftools.Dockerfile
-      target: ion-manager
-    depends_on: {}
-    privileged: true
-    tty: true
-    cap_add:
-      - NET_ADMIN
-      - NET_RAW
-      - SYS_NICE
-    volumes:
-      - "/var/tmp/pcap:/var/log/pcap"
-      - "sockdir:${SOCKDIR}"
-    environment:
-      container: docker
-      DTNMA_LOGLEVEL: debug
-      AMP_PROXY_SOCKET: "${SOCKDIR}/proxy.sock"
-      ION_NODE_NUM: 1
-      MGR_NODE_NUM: 1
-      DUMPCAP_OUTFILE: /var/log/pcap/manager.pcap
-      DUMPCAP_OPTS: -i lo -i eth0
-    networks:
-      default:
-        ipv4_address: 10.5.0.101
-
-  # ion-manager:
-  #   hostname: ion-manager
-  #   image: ${DOCKER_IMAGE_PREFIX}ion-manager:${DOCKER_IMAGE_TAG}
-  #   build:
-  #     context: deps
-  #     dockerfile: reftools.Dockerfile
-  #     target: ion-manager
-  #   restart: unless-stopped
-  #   security_opt:
-  #     - "label=type:ion-manager.process"
-  #   ports:
-  #     - "1113:1113/udp"
-  #     - "4556:4556/udp"
-  #     - "${ION_MGR_PORT:-8089}:8089"
-  #   networks:
-  #     default:
-  #       ipv4_address: 10.5.0.101
-  #   extra_hosts:
-  #     - ion-agent2:10.5.0.102
-  #     - ion-agent3:10.5.0.103
-  #   depends_on:
-  #     builder-init:
-  #         # Not expected to run, but needed here to ensure build dependency
-  #       condition: service_started
-  #     postgres:
-  #       condition: service_healthy
-  #   privileged: true
-  #   tty: true
-  #   cap_add:
-  #     - NET_ADMIN
-  #     - NET_RAW
-  #     - SYS_NICE
-  #   environment:
-  #     container: docker
-  #     ION_NODE_NUM: 1
-  #     MGR_NODE_NUM: 1
-  #     DB_HOST: postgres
-  #     DB_USER: ${DB_USER}
-  #     DB_PASSWORD: ${DB_PASSWORD}
-  #     DB_NAME: ${DB_NAME}
-
-
-
-