IRIS installation (Docker): Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
Ddang (Diskussion | Beiträge) |
Ddang (Diskussion | Beiträge) |
||
| (9 dazwischenliegende Versionen von 2 Benutzern werden nicht angezeigt) | |||
| Zeile 3: | Zeile 3: | ||
=== IRIS version === | === IRIS version === | ||
| − | In the following text, you can find many commands that the current version of [[IRIS cloud system|IRIS]] | + | In the following text, you can find many commands that contain the current version of [[IRIS cloud system|IRIS]]. |
Please replace the version with the latest version of IRIS. | Please replace the version with the latest version of IRIS. | ||
| Zeile 21: | Zeile 21: | ||
Usually, Linux admin-rights are necessary for Docker-installations. | Usually, Linux admin-rights are necessary for Docker-installations. | ||
| − | + | The most commands therefore require a "sudo" in front or have to be executed as a root user. | |
| − | == | + | == Initial setup == |
| − | === | + | === Download / copy IRIS === |
| − | + | You receive a download link for IRIS from our support. | |
| − | + | To upload the container-image, you can upload the file via scp into the home directory of the Docker-host: | |
| − | scp iris-1.X.X.tar.gz < | + | scp iris-1.X.X.tar.gz <username>@<servername>:~/ |
| − | + | Alternatively, donwloading directlyon the machine via download link: | |
| − | wget < | + | wget <downloadlink> |
| − | === IRIS Docker | + | === Load IRIS Docker image === |
docker load -i iris-1.X.X.tar.gz | docker load -i iris-1.X.X.tar.gz | ||
| − | === | + | === Prepare volumes and networks === |
docker volume create hsc-db | docker volume create hsc-db | ||
docker volume create hsc-config | docker volume create hsc-config | ||
| − | docker network | + | === Create container from image === |
| + | docker create --name iris --hostname iris --network bridge --publish 80:80 --publish 443:443 --volume hsc-db:/var/lib/mysql --volume hsc-config:/etc/heidler --restart unless-stopped iris:1.X.X | ||
| − | === | + | === Start container === |
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
docker start iris | docker start iris | ||
| − | === | + | === Check container logs === |
docker logs iris | docker logs iris | ||
| − | + | An entry should be displayed in the logs that sounds similar to:<syntaxhighlight lang="text" line="1" start="1"> | |
2023-02-08 17:22:38.926 -08 WARN [main] (init.ServiceInitializer:166) - A new user has been created.: | 2023-02-08 17:22:38.926 -08 WARN [main] (init.ServiceInitializer:166) - A new user has been created.: | ||
Username: root@localhost | Username: root@localhost | ||
Password: P6oV-GK3GYsdnn_5usDg1tBmn00 | Password: P6oV-GK3GYsdnn_5usDg1tBmn00 | ||
Please login with this user and change your password immediately! | Please login with this user and change your password immediately! | ||
| − | </syntaxhighlight> | + | </syntaxhighlight>Please note this username + password immediately. |
| − | + | If this entry does not appear, wait a moment und execute the command "docker logs iris" again. | |
| − | === | + | === Option 1: Configure your own SSL certificate === |
| − | + | By default, the docker container will publish a HTTPS server with a self signed certificate. | |
| − | + | This must be replaced by a public certificate from a recognized certificate authority. | |
| + | You will need the following files: | ||
| + | {| class="wikitable" | ||
| + | |+ | ||
| + | !File | ||
| + | !Format | ||
| + | !Encoding | ||
| + | !Description | ||
| + | |- | ||
| + | |ca.pem | ||
| + | |X.509 | ||
| + | |PEM | ||
| + | |The certificate of the recognized certifcate authoriuty | ||
| + | |- | ||
| + | |server-cert.pem | ||
| + | |X.509 | ||
| + | |PEM | ||
| + | |The issued certificate for your server | ||
| + | |- | ||
| + | |server-privatekey-pkcs8.pem | ||
| + | |PKCS#8 | ||
| + | |PEM | ||
| + | |The private key for your server | ||
| + | |} | ||
| − | + | Please place the files under the above mentioned filename into the following folder, as seen by the container: | |
| + | /etc/heidler/ssl/public | ||
| − | + | This folder is being provided by the docker volume "hsc-config". | |
| − | + | To find out which folder on the host machine this folder belongs to, you can use the following command: | |
| + | docker volume inspect hsc-config | ||
| + | The parameter "Mountpoint" contains the local path. | ||
| − | + | Example: | |
| − | + | "Mountpoint": "/var/lib/docker/volumes/hsc-config/_data" | |
| − | + | This would be the path where the files should be placed: | |
| − | + | /var/lib/docker/volumes/hsc-config/_data/ssl/public | |
| − | + | === Option 2: Generate a certificate using Let's Encrypt™ === | |
| + | Note: Using this option means that you accept the terms of service for Let's Encrypt. The TOS can be reviewed here: https://letsencrypt.org/repository/ | ||
| − | + | The public HTTPS certificate will be requested using certbot: https://certbot.eff.org/ | |
| − | |||
| + | To use this service, simply add two environment variables when creating the docker container: | ||
| + | --env LETSENCRYPT=<your public domain> --env LETSENCRYPTEMAIL=<your email address to receive notifications about this certificate> | ||
| + | Full example: | ||
| + | docker create --name iris --hostname iris --network bridge --publish 80:80 --publish 443:443 --env LETSENCRYPT=iris.yourcompany.com --env LETSENCRYPTEMAIL=it@yourcompany.com --volume hsc-db:/var/lib/mysql --volume hsc-config:/etc/heidler --restart unless-stopped iris:1.X.X | ||
| + | You should of course replace the values in this example according to your domain and email address. | ||
== Updates == | == Updates == | ||
| − | === | + | === Download / copy IRIS === |
| − | + | You receive a download link for IRIS from our support. | |
| − | + | To upload the container-image, you can upload the file via scp into the home directory of the Docker-host: | |
| − | scp iris-1.X.X.tar.gz < | + | scp iris-1.X.X.tar.gz <username>@<servername>:~/ |
| − | + | Alternatively, donwloading directlyon the machine via download link: | |
| − | wget < | + | wget <downloadlink> |
| − | === Docker | + | === Load IRIS Docker image === |
docker load -i iris-1.X.X.tar.gz | docker load -i iris-1.X.X.tar.gz | ||
| − | === IRIS | + | === Stop IRIS === |
| − | + | Note: After this, IRIS is unavailable for approx. 1 minute | |
docker stop iris | docker stop iris | ||
| − | === IRIS | + | === Delete IRIS container === |
docker rm iris | docker rm iris | ||
| − | === | + | === Create new IRIS container with new version === |
| − | docker create --name iris --network bridge -- | + | docker create --name iris --hostname iris --network bridge --publish 80:80 --publish 443:443 --volume hsc-db:/var/lib/mysql --volume hsc-config:/etc/heidler --restart unless-stopped iris:1.X.X |
| − | |||
| − | |||
| − | |||
| − | === | + | === Start container === |
docker start iris | docker start iris | ||
| − | === | + | === Remove old container image === |
| − | + | Note! Replace in the following command, version 1.X.X with previous (not current) version of IRIS | |
docker image rm iris:1.X.X | docker image rm iris:1.X.X | ||
Aktuelle Version vom 26. April 2023, 14:53 Uhr
Information
IRIS version
In the following text, you can find many commands that contain the current version of IRIS.
Please replace the version with the latest version of IRIS.
Example:
docker load -i iris-1.X.X.tar.gz
to
docker load -i iris-1.0.8.tar.gz
or rather the latest version
Docker on Linux
Following description applies to the installation of Docker on Linux.
For other operating systems, the commands or steps must be changed accordingly.
Usually, Linux admin-rights are necessary for Docker-installations.
The most commands therefore require a "sudo" in front or have to be executed as a root user.
Initial setup
Download / copy IRIS
You receive a download link for IRIS from our support.
To upload the container-image, you can upload the file via scp into the home directory of the Docker-host:
scp iris-1.X.X.tar.gz <username>@<servername>:~/
Alternatively, donwloading directlyon the machine via download link:
wget <downloadlink>
Load IRIS Docker image
docker load -i iris-1.X.X.tar.gz
Prepare volumes and networks
docker volume create hsc-db
docker volume create hsc-config
Create container from image
docker create --name iris --hostname iris --network bridge --publish 80:80 --publish 443:443 --volume hsc-db:/var/lib/mysql --volume hsc-config:/etc/heidler --restart unless-stopped iris:1.X.X
Start container
docker start iris
Check container logs
docker logs iris
An entry should be displayed in the logs that sounds similar to:
2023-02-08 17:22:38.926 -08 WARN [main] (init.ServiceInitializer:166) - A new user has been created.:
Username: root@localhost
Password: P6oV-GK3GYsdnn_5usDg1tBmn00
Please login with this user and change your password immediately!Please note this username + password immediately.
If this entry does not appear, wait a moment und execute the command "docker logs iris" again.
Option 1: Configure your own SSL certificate
By default, the docker container will publish a HTTPS server with a self signed certificate.
This must be replaced by a public certificate from a recognized certificate authority.
You will need the following files:
| File | Format | Encoding | Description |
|---|---|---|---|
| ca.pem | X.509 | PEM | The certificate of the recognized certifcate authoriuty |
| server-cert.pem | X.509 | PEM | The issued certificate for your server |
| server-privatekey-pkcs8.pem | PKCS#8 | PEM | The private key for your server |
Please place the files under the above mentioned filename into the following folder, as seen by the container:
/etc/heidler/ssl/public
This folder is being provided by the docker volume "hsc-config".
To find out which folder on the host machine this folder belongs to, you can use the following command:
docker volume inspect hsc-config
The parameter "Mountpoint" contains the local path.
Example:
"Mountpoint": "/var/lib/docker/volumes/hsc-config/_data"
This would be the path where the files should be placed:
/var/lib/docker/volumes/hsc-config/_data/ssl/public
Option 2: Generate a certificate using Let's Encrypt™
Note: Using this option means that you accept the terms of service for Let's Encrypt. The TOS can be reviewed here: https://letsencrypt.org/repository/
The public HTTPS certificate will be requested using certbot: https://certbot.eff.org/
To use this service, simply add two environment variables when creating the docker container:
--env LETSENCRYPT=<your public domain> --env LETSENCRYPTEMAIL=<your email address to receive notifications about this certificate>
Full example:
docker create --name iris --hostname iris --network bridge --publish 80:80 --publish 443:443 --env LETSENCRYPT=iris.yourcompany.com --env LETSENCRYPTEMAIL=it@yourcompany.com --volume hsc-db:/var/lib/mysql --volume hsc-config:/etc/heidler --restart unless-stopped iris:1.X.X
You should of course replace the values in this example according to your domain and email address.
Updates
Download / copy IRIS
You receive a download link for IRIS from our support.
To upload the container-image, you can upload the file via scp into the home directory of the Docker-host:
scp iris-1.X.X.tar.gz <username>@<servername>:~/
Alternatively, donwloading directlyon the machine via download link:
wget <downloadlink>
Load IRIS Docker image
docker load -i iris-1.X.X.tar.gz
Stop IRIS
Note: After this, IRIS is unavailable for approx. 1 minute
docker stop iris
Delete IRIS container
docker rm iris
Create new IRIS container with new version
docker create --name iris --hostname iris --network bridge --publish 80:80 --publish 443:443 --volume hsc-db:/var/lib/mysql --volume hsc-config:/etc/heidler --restart unless-stopped iris:1.X.X
Start container
docker start iris
Remove old container image
Note! Replace in the following command, version 1.X.X with previous (not current) version of IRIS
docker image rm iris:1.X.X