Add Docker Swarm

Step 1: Prepare Docker Swarm for monitoring.

Prerequisites and Credentials

Prerequisites and Credentials
Cloud Agent Configuration If the cloud agent communicates with Oracle Management Cloud through a proxy (OMC_PROXYHOST & OMC_PROXYPORT parameters were set on the cloud agent when it was installed), Docker Swarm discovery will fail. You’ll need to perform additional configuration steps depending on the following situations: For a New Agent Installation If the agent requires proxy to communicate with Oracle Management Cloud, then use the gateway and set the proxy parameters (OMC_PROXYHOST & OMC_PROXYPORT) during gateway installation, and then set up the cloud agent (without proxy parameters) to point to the gateway. For an Existing Agent If the existing cloud agent has been set up to use the proxy to communicate with Oracle Management Cloud, to discover Docker Swarm, execute the following commands on the cloud agent before performing entity discovery. `omcli setproperty agent -allow_new -name _configureProxyPerClient -value true omcli stop agent omcli start agent` Credentials There are three methods you can use to authenticate and connect to the Docker Swarm via Rest APIs 1) Non-secure 2) Secure (https): 1–way SSL mode 3) Secure (https): 2–way SSL mode

Cloud Agent Configuration

If the cloud agent communicates with Oracle Management Cloud through a proxy (OMC_PROXYHOST & OMC_PROXYPORT parameters were set on the cloud agent when it was installed), Docker Swarm discovery will fail. You’ll need to perform additional configuration steps depending on the following situations:

For a New Agent Installation

If the agent requires proxy to communicate with Oracle Management Cloud, then use the gateway and set the proxy parameters (OMC_PROXYHOST & OMC_PROXYPORT) during gateway installation, and then set up the cloud agent (without proxy parameters) to point to the gateway.

For an Existing Agent

If the existing cloud agent has been set up to use the proxy to communicate with Oracle Management Cloud, to discover Docker Swarm, execute the following commands on the cloud agent before performing entity discovery.

omcli setproperty agent -allow_new -name _configureProxyPerClient -value true 
omcli stop agent 
omcli start agent

Credentials

There are three methods you can use to authenticate and connect to the Docker Swarm via Rest APIs

1) Non-secure

2) Secure (https): 1–way SSL mode

3) Secure (https): 2–way SSL mode

Step 2: Decide how you want to add the Docker Swarm.

You can add Docker Swarm entities using one of two ways:

Add them from UI
Use the agent's omcli add_entity command with the appropriate JSON files

Adding Entities from the UI

From the Management Cloud main menu, select Administration, Discovery, and then Add Entity. The Add Entity page displays.
Select the Docker Swarm Entity Type.

Enter the following UI properties.

Docker Swarm UI Fields
Discover Using Credentials: Discover using Docker Swarm credentials (on by default). Entity Name: Your Docker Swarm name. Base URL of Swarm Leader: The base URL of the Swarm Leader for REST API invocations. Host Name: The fully-qualified host name where the Docker Swarm is installed. Cloud Agent: Cloud agent monitoring the host where the Docker Swarm is running. Monitoring Credentials (Docker Swarm Credentials) Store Location: The full path to the location of the keystore file. Store Password: The keystore password to access the JKS file. Store Type: Currently, only JKS is supported.

Docker Swarm UI Fields

Discover Using Credentials: Discover using Docker Swarm credentials (on by default).
Entity Name: Your Docker Swarm name.
Base URL of Swarm Leader: The base URL of the Swarm Leader for REST API invocations.
Host Name: The fully-qualified host name where the Docker Swarm is installed.
Cloud Agent: Cloud agent monitoring the host where the Docker Swarm is running.

Monitoring Credentials (Docker Swarm Credentials)

Store Location: The full path to the location of the keystore file.
Store Password: The keystore password to access the JKS file.
Store Type: Currently, only JKS is supported.

See Add Entities from the Console for detailed instructions on using the Add Entity UI.

Using omcli and the Appropriate JSON Files

Download and extract the required JSON file(s) from the master JSON zip file. See the table below for the specific JSON files you'll need.

Edit the file(s) and specify the requisite properties shown below.

Docker Swarm and Worker JSON Files and Properties

Docker Swarm and Worker JSON Files and Properties
Entity JSONs for Docker Swarm: Adding Non Secure Docker Swarm Target Definition File: Add_Entity_Docker_Swarm_Non_Secure.json Adding 1WAY Docker Swarm Target Definition File: Add_Entity_Docker_Swarm_1way_SSL.json Adding 2WAY Docker Swarm Target Definition File: Add_Entity_Docker_Swarm_2way_SSL.json Credential File:Docker_Swarm_Secure_Credentials.json Entity JSONs for Docker Worker Engines: Adding Non Secure Docker Worker Engine Definition File: Add_Entity_Worker_Docker_Engine_Non_Secure.json Adding 1WAY Docker Worker Engine Definition File: Add_Entity_Worker_Docker_Engine_1way_SSL.json Adding 2WAY Docker Worker Engine Definition: Add_Entity_Worker_Docker_Engine_2way_SSL.json Credential File: omc_docker_engine_sample_creds.json For properties that should be updated, replace any text inside brackets <> excluding these brackets with your values according the legend inside <> Examples of Base URLs: NON SECURE MODE - http://<hostname>:<port>/ (Rest API URL for Invocation) SECURE MODE- https://<hostname>:<port>/ (Rest API URL for Invocation) For Basic Authentication: "credentialRefs":["DockerSwarmCredRef"] Note: The same Docker Engine credential JSON is used for Worker Engines. For secure mode, in addition to configuring the JSONS, you need to add the Docker truststore certificate(CA ceritificate) to the Cloud Agent default truststore ($EMSTATE/sysman/config/montrust/AgentTrust.jks). To do so, run the following command: `omcli secure add_trust_cert_to_jks -password welcome -trust_certs_loc <certificate location> -alias dockercertificate` Example: In the following example, slce03.cer is the CA certificate. `omcli secure add_trust_cert_to_jks -password welcome -trust_certs_loc /home/sandepai/slce03.cert -alias dockercertificate` To fetch the Docker Swarm ID, do a GET on LEADER_BASE_URL/swarm For example, do a GET onhttp://myserver.mycompany.com:4243/swarm

Entity JSONs for Docker Swarm:

Adding Non Secure Docker Swarm Target

Definition File: Add_Entity_Docker_Swarm_Non_Secure.json

Adding 1WAY Docker Swarm Target

Definition File: Add_Entity_Docker_Swarm_1way_SSL.json

Adding 2WAY Docker Swarm Target

Definition File: Add_Entity_Docker_Swarm_2way_SSL.json

Credential File:Docker_Swarm_Secure_Credentials.json

Entity JSONs for Docker Worker Engines:

Adding Non Secure Docker Worker Engine

Definition File: Add_Entity_Worker_Docker_Engine_Non_Secure.json

Adding 1WAY Docker Worker Engine

Definition File: Add_Entity_Worker_Docker_Engine_1way_SSL.json

Adding 2WAY Docker Worker Engine

Definition: Add_Entity_Worker_Docker_Engine_2way_SSL.json

Credential File: omc_docker_engine_sample_creds.json

For properties that should be updated, replace any text inside brackets <> excluding these brackets with your values according the legend inside <>

Examples of Base URLs:

NON SECURE MODE - http://<hostname>:<port>/ (Rest API URL for Invocation)

SECURE MODE- https://<hostname>:<port>/ (Rest API URL for Invocation)

For Basic Authentication:

"credentialRefs":["DockerSwarmCredRef"]

Note:

The same Docker Engine credential JSON is used for Worker Engines.

For secure mode, in addition to configuring the JSONS, you need to add the Docker truststore certificate(CA ceritificate) to the Cloud Agent default truststore ($EMSTATE/sysman/config/montrust/AgentTrust.jks). To do so, run the following command:

omcli secure add_trust_cert_to_jks -password welcome -trust_certs_loc <certificate location> -alias dockercertificate

Example:

In the following example, slce03.cer is the CA certificate.

omcli secure add_trust_cert_to_jks -password welcome -trust_certs_loc /home/sandepai/slce03.cert -alias dockercertificate

To fetch the Docker Swarm ID, do a GET on LEADER_BASE_URL/swarm

For example, do a GET onhttp://myserver.mycompany.com:4243/swarm

Add the entity using omcli.

omcli add_entity agent DEFINITION_FILE [-credential_file CREDENTIAL_FILE [-encryption_method_gpg]]

Verify the status of the newly added entity.
```
omcli status_entity agent DEFINITION_FILE
```

See step 4. Adding Entities to Your Service of Add Entities Using JSON Files for more information.

Step 3: (Optional but recommended) Set up alerts.

To enable lights-out monitoring, you can set up alert rules to generate alerts and send notifications if your entities have performance issues.

See Set Up Alert Rules and Set Up Alert Thresholds and Notifications.

Troubleshooting

If you run into any issues regarding discovery or monitoring of Docker Swarm, see the following: