-
Notifications
You must be signed in to change notification settings - Fork 4
Starting Manticore and Environment Variables
Manticore runs in a Docker container and is provisioned by Nomad, just like with sdl_core and generic_hmi. However, Manticore needs some environment variables before it can function properly. Everything you need to generate and submit the Manticore job file is created for you under the /build folder. All you need to do is pass in the appropriate environment variables. Manticore uses dotenv so all your environment variables can be stored in a .env file inside the /build folder. Manticore's .gitignore will not push that file to repositories. You may use the recent Manticore images hosted on SmartDeviceLink's Docker Hub as the server image. Make sure to pull it first so that the server starts up faster:
sudo docker pull smartdevicelink/manticore:<tag version number>
Setting up the wrong configuration may cause Manticore to refuse to run. Therefore, it is important to understand what your configurations options are, as Manticore allows for lots of valid combinations. Check out this file for details on how this works. Not all the environment variables will be covered here.
# (REQUIRED) The docker image name of the Manticore server.
# Note that this environment variable is only used for the "manticore-job.js" file and not for the server
MANTICORE_IMAGE
# The logging level for Manticore. Defaults to 'debug'
# Set to 'error' to only log errors
LOG_LEVEL
# Whether the default Manticore webpage will be served to clients.
# Use this for testing job submissions. Defaults to false
WEBPAGE_DISABLED
# Whether CORS is enabled. Defaults to false
CORS
# The ARN of your SSL certificate for enabling secure connections
SSL_CERTIFICATE_ARN# How long a user is allowed to use the Manticore service uninterrupted (seconds)
USAGE_DURATION
# How long a user has after a warning before being booted off (seconds)
# The total time a user has to use Manticore while idling is therefore
# USAGE_DURATION + WARNING_DURATION
WARNING_DURATION
# Whether a client can send a WebSocket message to reset the amount of time
# before a user is removed from Manticore. This can be used to enforce a max
# limit of how long a user can use their jobs
RESET_TIMER_ALLOWED# The amount of time in seconds between health evaluations. Manticore will use
# the job history to determine healthiness, and submit jobs on its own behalf
# if there is no job history within this period
HEALTH_CHECK_PERIOD# Enables usage of JSON web tokens as the form of identification. If disabled,
# users are identified by an "id" property in the request body
JWT_SECRET# The name of your domain that you use to direct users to
# local ip addresses of resources
DOMAIN_NAME
# The lowest port and highest number that HAProxy can open ports on for
# TCP connections. Make sure your security groups are configured so that
# these ports can be accessed from anywhere and that there are no other
# programs on your OS that are currently using these ports.
TCP_PORT_RANGE_START
TCP_PORT_RANGE_END
# The port HAProxy opens for web traffic, including to Manticore
HAPROXY_HTTP_PORT# The region name of where Manticore is hosted (ex. us-east-1)
AWS_REGION# The name of the AWS ELB that Manticore should be controlling
ELB_MANTICORE_NAME
# The port for the SSL protocol listener for the ELB. Do not make it 443!
# You should be using a classic load balancer for Manticore, and
# WebSocket and HTTP connections cannot happen on the same port in this case!
ELB_WS_PORT# The security group ID that will allow access to Manticore's internal network
AWS_HAPROXY_GROUP_ID
# The security group ID that will allow access through Manticore's
# external load balancer
AWS_ELB_GROUP_IDEncrypted Traffic Mode (Requires enabled AWS mode, enabled ELB mode and a valid SSL_CERTIFICATE_ARN)
# Whether to encrypt HTTP traffic to jobs and to the server. Defaults to false
ELB_ENCRYPT_HTTP
# Whether to encrypt WS traffic to jobs and to the server. Defaults to false
ELB_ENCRYPT_WS
# Whether to encrypt TCP traffic to jobs. Defaults to false
ELB_ENCRYPT_TCPWhile in the build folder (NOT THE SERVER FOLDER), type the following to install dependencies and start the job submission process
npm install
npm startYou can check your status of jobs running the following:
# For all jobs
nomad status -address=http://<IP of this machine>:4646
# For specifically Manticore
nomad status -address=http://<IP of this machine>:4646 manticore
Copy the files out of the project to somewhere else. Edit the template-settings.hcl file and replace $LOCAL_IP with the IP address of this machine
Running consul-template in the background (go to the directory where this is located before running!):
sudo consul-template -config template-settings.hcl &
You may need to give ownership of /etc/haproxy/ and the configuration file within depending on how you run consul-template
Here's what you have to do if you want HTTPS and SSL through the ELB