aka: winter[sulgen] is coming
Geohash: u0w8j, Wintersulgen lies in the beautiful Deggenhauser valley in Southern Germany (something similar to the Nappa Valley) and is in vicinity to global hubs like Zurich, Zug Crypto Valley, Friedrichshafen the birthplace of the Zeppelin and many more.
We want to use the Docker for AWS feature to spin up a complete Docker Swarm including VPC, networking etc so we oly need to worry about the archivist details.
Apart from registering an account on AWS you would need also a key pair. Go to AWS EC2 Dashboard and select Key pairs. You can either import and existing key or create a new one. Once you click create new the my-key-par.pem file will be created and downloaded to your PC.
Use the chmod command to make sure your private key file isn't publicly viewable.
chmod 400 my-key-pair.pem
To ssh ito your manager node once the swarm is up, lookup the manager_node public dns names and ssh with below command (user is docker for dockerswarm)
ssh -i /path/my-key-pair.pem docker@public_dns_name_of_manager_node
- docker-stack.yml
As a first step I translated the instruction from xyo into a docker swarm compose yml file.
To create a Docker Swarm with variable amount of manager/worker nodes there is already excellent documentation here Only caveat since we will be using external cloudstor volumes is to make sure the answer to Create EFS prerequisites for Cloudstor (Default is No) is selected 'YES'
Once the swarm is up you can ssh into one of the manager nodes and grep the yml file from the github repo.
Then simply adjust the parameters as needed and bring up the stack with
- docker stack deploy -c docker-stack.yml xyo
- docker-stack-replica.yml
mysql replication in swarm node taken from here
The highlevel sequence of steps as follows
-
Create the docker swarm. From the Outputs tab of the cloudformation screen capture the following settings. VPCID (to configure RDS using the same private zone) and SwarmWideSecurityGroupID (to allow inbound connection from the nodes to the RDS instance
-
create RDS (Internal) <== uses above VPC, new Security Group
-
once the RDS is up, go to the inbound security group of the RDS instance and add the rules for TCP/3306 access for the SwarmWideSecurityGroupID
-
download the docker-rds.yml and update the SQL_HOST with the endpoint of the RDS service <your_instance>.rds.amazonaws.com>
In the AWS CloudFormation Dashboard you will see the 'Stacks' and status. You should delete the Stack ffrom this screen so it will remove again all the resources and leave a clean sheet.
If you click on your stack you come to the detail screen and under 'Outputs' there are the key parameters you need.
- DefaultDNSTarget: This is the public DNS which exposes the ports to outside world. So use this url in a web browser to access the graphQL on port 11001. To connect your geo-mining kit bridge to your archivist you need to retrieve the IP associated to that DNS and use this IP address and port 11000 in your bridge archivist setting.
- Managers: This provides a link into AWS Console listing your manager nodes. Select one and use the public DNS listed in the AWS console to SSH.
- VPCID and SecurityGroupIDs: in case you want to try the setup of RDS stack