Google Git
Sign in
apache / metron / 410993daf60dfe898a973fa8a9906ddbffd83208 / . / current-book / metron-contrib / metron-docker / index.html
blob: aad91344ddc10107fe5582d9fe836d188ae4e5bd [file] [log] [blame]
<!DOCTYPE html>
<!--
| Generated by Apache Maven Doxia Site Renderer 1.8 from src/site/markdown/metron-contrib/metron-docker/index.md at 2019-05-14
| Rendered using Apache Maven Fluido Skin 1.7
-->
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<meta name="Date-Revision-yyyymmdd" content="20190514" />
<meta http-equiv="Content-Language" content="en" />
<title>Metron &#x2013; Metron Docker</title>
<link rel="stylesheet" href="../../css/apache-maven-fluido-1.7.min.css" />
<link rel="stylesheet" href="../../css/site.css" />
<link rel="stylesheet" href="../../css/print.css" media="print" />
<script type="text/javascript" src="../../js/apache-maven-fluido-1.7.min.js"></script>
<script type="text/javascript">
$( document ).ready( function() { $( '.carousel' ).carousel( { interval: 3500 } ) } );
</script>
</head>
<body class="topBarDisabled">
<div class="container-fluid">
<div id="banner">
<div class="pull-left"><a href="http://metron.apache.org/" id="bannerLeft"><img src="../../images/metron-logo.png" alt="Apache Metron" width="148px" height="48px"/></a></div>
<div class="pull-right"></div>
<div class="clear"><hr/></div>
</div>
<div id="breadcrumbs">
<ul class="breadcrumb">
<li class=""><a href="http://www.apache.org" class="externalLink" title="Apache">Apache</a><span class="divider">/</span></li>
<li class=""><a href="http://metron.apache.org/" class="externalLink" title="Metron">Metron</a><span class="divider">/</span></li>
<li class=""><a href="../../index.html" title="Documentation">Documentation</a><span class="divider">/</span></li>
<li class="active ">Metron Docker</li>
<li id="publishDate" class="pull-right"><span class="divider">|</span> Last Published: 2019-05-14</li>
<li id="projectVersion" class="pull-right">Version: 0.7.1</li>
</ul>
</div>
<div class="row-fluid">
<div id="leftColumn" class="span2">
<div class="well sidebar-nav">
<ul class="nav nav-list">
<li class="nav-header">User Documentation</li>
<li><a href="../../index.html" title="Metron"><span class="icon-chevron-down"></span>Metron</a>
<ul class="nav nav-list">
<li><a href="../../CONTRIBUTING.html" title="CONTRIBUTING"><span class="none"></span>CONTRIBUTING</a></li>
<li><a href="../../Upgrading.html" title="Upgrading"><span class="none"></span>Upgrading</a></li>
<li><a href="../../metron-analytics/index.html" title="Analytics"><span class="icon-chevron-right"></span>Analytics</a></li>
<li class="active"><a href="#"><span class="none"></span>Docker</a></li>
<li><a href="../../metron-contrib/metron-performance/index.html" title="Performance"><span class="none"></span>Performance</a></li>
<li><a href="../../metron-deployment/index.html" title="Deployment"><span class="icon-chevron-right"></span>Deployment</a></li>
<li><a href="../../metron-interface/index.html" title="Interface"><span class="icon-chevron-right"></span>Interface</a></li>
<li><a href="../../metron-platform/index.html" title="Platform"><span class="icon-chevron-right"></span>Platform</a></li>
<li><a href="../../metron-sensors/index.html" title="Sensors"><span class="icon-chevron-right"></span>Sensors</a></li>
<li><a href="../../metron-stellar/stellar-3rd-party-example/index.html" title="Stellar-3rd-party-example"><span class="none"></span>Stellar-3rd-party-example</a></li>
<li><a href="../../metron-stellar/stellar-common/index.html" title="Stellar-common"><span class="icon-chevron-right"></span>Stellar-common</a></li>
<li><a href="../../metron-stellar/stellar-zeppelin/index.html" title="Stellar-zeppelin"><span class="none"></span>Stellar-zeppelin</a></li>
<li><a href="../../use-cases/index.html" title="Use-cases"><span class="icon-chevron-right"></span>Use-cases</a></li>
</ul>
</li>
</ul>
<hr />
<div id="poweredBy">
<div class="clear"></div>
<div class="clear"></div>
<div class="clear"></div>
<div class="clear"></div>
<a href="http://maven.apache.org/" title="Built by Maven" class="poweredBy"><img class="builtBy" alt="Built by Maven" src="../../images/logos/maven-feather.png" /></a>
</div>
</div>
</div>
<div id="bodyColumn" class="span10" >
<!--
Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
-->
<h1>Metron Docker</h1>
<p><a name="Metron_Docker"></a></p>
<p>Metron Docker is a <a class="externalLink" href="https://docs.docker.com/compose/overview/">Docker Compose</a> application that is intended only for development and integration testing of Metron. These images can quickly spin-up the underlying components on which Apache Metron runs.</p>
<p>None of the core Metron components are setup or launched automatically with these Docker images. You will need to manually setup and start the Metron components that you require. You should not expect to see telemetry being parsed, enriched, or indexed. If you are looking to try-out, experiment or demo Metron capabilities on a single node, then the <a href="../../metron-deployment/development/centos6/index.html">Vagrant-driven VM</a> is what you need. Use this instead of Vagrant when:</p>
<ul>
<li>You want an environment that can be built and spun up quickly</li>
<li>You need to frequently rebuild and restart services</li>
<li>You only need to test, troubleshoot or develop against a subset of services</li>
</ul>
<p>Metron Docker includes these images that have been customized for Metron:</p>
<ul>
<li>Kafka (with Zookeeper)</li>
<li>HBase</li>
<li>Storm</li>
<li>Elasticsearch</li>
<li>Kibana</li>
<li>HDFS</li>
</ul>
<div class="section">
<h2><a name="Setup"></a>Setup</h2>
<p>Install <a class="externalLink" href="https://docs.docker.com/docker-for-mac/">Docker for Mac</a> or <a class="externalLink" href="https://docs.docker.com/docker-for-windows/">Docker for Windows</a>. The following versions have been tested:</p>
<ul>
<li>Docker version 1.12.0</li>
<li>docker-machine version 0.8.0</li>
<li>docker-compose version 1.8.0</li>
</ul>
<p>Build Metron from the top level directory with:</p>
<div>
<div>
<pre class="source">$ cd $METRON_HOME
$ mvn clean install -DskipTests
</pre></div></div>
<p>You are welcome to use an existing Docker host but we prefer one with more resources. You can create one of those with this script:</p>
<div>
<div>
<pre class="source">$ export METRON_DOCKER_HOME=$METRON_HOME/metron-contrib/metron-docker
$ cd $METRON_DOCKER_HOME
$ ./scripts/create-docker-machine.sh
</pre></div></div>
<p>This will create a host called &#x201c;metron-machine&#x201d;. Anytime you want to run Docker commands against this host, make sure you run this first to set the Docker environment variables:</p>
<div>
<div>
<pre class="source">$ eval &quot;$(docker-machine env metron-machine)&quot;
</pre></div></div>
<p>If you wish to use a local docker-engine install, please set an environment variable BROKER_IP_ADDR to the IP address of your host machine. This cannot be the loopback address.</p></div>
<div class="section">
<h2><a name="Usage"></a>Usage</h2>
<p>Navigate to the compose application root:</p>
<div>
<div>
<pre class="source">$ cd $METRON_DOCKER_HOME/compose/
</pre></div></div>
<p>The Metron Docker environment lifecycle is controlled by the <a class="externalLink" href="https://docs.docker.com/compose/reference/overview/">docker-compose</a> command. The service names can be found in the docker-compose.yml file. For example, to build and start the environment run this command:</p>
<div>
<div>
<pre class="source">$ eval &quot;$(docker-machine env metron-machine)&quot;
$ docker-compose up -d
</pre></div></div>
<p>After all services have started list the containers and ensure their status is &#x2018;Up&#x2019;:</p>
<div>
<div>
<pre class="source">$ docker ps --format 'table {{.Names}}\t{{.Status}}'
NAMES STATUS
metron_storm_1 Up 5 minutes
metron_hbase_1 Up 5 minutes
metron_kibana_1 Up 5 minutes
metron_kafkazk_1 Up 5 minutes
metron_elasticsearch_1 Up 5 minutes
</pre></div></div>
<p>Various services are exposed through http on the Docker host. Get the host ip from the URL property:</p>
<div>
<div>
<pre class="source">$ docker-machine ls
NAME ACTIVE DRIVER STATE URL SWARM DOCKER ERRORS
metron-machine * virtualbox Running tcp://192.168.99.100:2376 v1.12.5
</pre></div></div>
<p>Then, assuming a host ip of <tt>192.168.99.100</tt>, the UIs and APIs are available at:</p>
<ul>
<li>Storm - <a class="externalLink" href="http://192.168.99.100:8080/">http://192.168.99.100:8080/</a></li>
<li>HBase - <a class="externalLink" href="http://192.168.99.100:16010/">http://192.168.99.100:16010/</a></li>
<li>Elasticsearch - <a class="externalLink" href="http://192.168.99.100:9200/_plugin/head/">http://192.168.99.100:9200/_plugin/head/</a></li>
<li>Kibana - <a class="externalLink" href="http://192.168.99.100:5601/">http://192.168.99.100:5601/</a></li>
<li>HDFS (Namenode) - <a class="externalLink" href="http://192.168.99.100:50070/">http://192.168.99.100:50070/</a></li>
</ul>
<p>The Storm logs can be useful when troubleshooting topologies. They can be found on the Storm container in <tt>/usr/share/apache-storm/logs</tt>.</p>
<p>When done using the machine, shut it down with:</p>
<div>
<div>
<pre class="source">$ docker-compose down
</pre></div></div>
</div>
<div class="section">
<h2><a name="Examples"></a>Examples</h2>
<ul>
<li><a href="#Deploy_a_new_parser_class">Deploy a new parser class</a></li>
<li><a href="#Connect_to_a_container">Connect to a container</a></li>
<li><a href="create-a-sensor-from-sample-data/index.html">Create a sensor from sample data</a></li>
<li><a href="upload-configs-to-zookeeper/index.html">Upload configs to Zookeeper</a></li>
<li><a href="manage-a-topology/index.html">Manage a topology</a></li>
<li><a href="run-sensor-data-end-to-end/index.html">Run sensor data end to end</a></li>
</ul>
<div class="section">
<h3><a name="Deploy_a_new_parser_class"></a>Deploy a new parser class</h3>
<p>After adding a new parser to metron-parsers-common, build Metron from the top level directory:</p>
<div>
<div>
<pre class="source">$ cd $METRON_HOME
$ mvn clean install -DskipTests
</pre></div></div>
<p>Then run these commands to redeploy the parsers to the Storm image:</p>
<div>
<div>
<pre class="source">$ cd $METRON_DOCKER_HOME/compose
$ docker-compose down
$ docker-compose build storm
$ docker-compose up -d
</pre></div></div>
</div>
<div class="section">
<h3><a name="Connect_to_a_container"></a>Connect to a container</h3>
<p>Suppose there is a problem with Kafka and the logs are needed for further investigation. Run this command to connect and explore the running Kafka container:</p>
<div>
<div>
<pre class="source">$ cd $METRON_DOCKER_HOME/compose
$ docker-compose exec kafkazk bash
</pre></div></div>
</div>
<div class="section">
<h3><a name="Create_a_sensor_from_sample_data"></a>Create a sensor from sample data</h3>
<p>A tool for producing test data in Kafka is included with the Kafka/Zookeeper image. It loops through lines in a test data file and outputs them to Kafka at the desired frequency. Create a test data file in <tt>./kafkazk/data/</tt> and rebuild the Kafka/Zookeeper image:</p>
<div>
<div>
<pre class="source">$ cd $METRON_DOCKER_HOME/compose
$ printf 'first test data\nsecond test data\nthird test data\n' &gt; ./kafkazk/data/TestData.txt
$ docker-compose down
$ docker-compose build kafkazk
$ docker-compose up -d
</pre></div></div>
<p>This will deploy the test data file to the Kafka/Zookeeper container. Now that data can be streamed to a Kafka topic:</p>
<div>
<div>
<pre class="source">$ docker-compose exec kafkazk ./bin/produce-data.sh
Usage: produce-data.sh data_path topic [message_delay_in_seconds]
# Stream data in TestData.txt to the 'test' Kafka topic at a frequency of 5 seconds (default is 1 second)
$ docker-compose exec kafkazk ./bin/produce-data.sh /data/TestData.txt test 5
</pre></div></div>
<p>The Kafka/Zookeeper image comes with sample Bro and Squid data:</p>
<div>
<div>
<pre class="source"># Stream Bro test data every 1 second
$ docker-compose exec kafkazk ./bin/produce-data.sh /data/BroExampleOutput.txt bro
# Stream Squid test data every 0.1 seconds
$ docker-compose exec kafkazk ./bin/produce-data.sh /data/SquidExampleOutput.txt squid 0.1
</pre></div></div>
</div>
<div class="section">
<h3><a name="Upload_configs_to_Zookeeper"></a>Upload configs to Zookeeper</h3>
<p>Parser configs and a global config configured for this Docker environment are included with the Kafka/Zookeeper image. Load them with:</p>
<div>
<div>
<pre class="source">$ docker-compose exec kafkazk bash
# $METRON_HOME/bin/zk_load_configs.sh -z localhost:2181 -m PUSH -i $METRON_HOME/config/zookeeper
# exit
</pre></div></div>
<p>Dump out the configs with:</p>
<div>
<div>
<pre class="source">$ docker-compose exec kafkazk bash
# $METRON_HOME/bin/zk_load_configs.sh -z localhost:2181 -m DUMP
# exit
</pre></div></div>
</div>
<div class="section">
<h3><a name="Manage_a_topology"></a>Manage a topology</h3>
<p>The Storm image comes with a script to easily start parser topologies:</p>
<div>
<div>
<pre class="source">docker-compose exec storm ./bin/start_docker_parser_topology.sh sensor_name
</pre></div></div>
<p>The enrichment topology can be started with:</p>
<div>
<div>
<pre class="source">docker-compose exec storm ./bin/start_enrichment_topology.sh
</pre></div></div>
<p>The indexing topology can be started with:</p>
<div>
<div>
<pre class="source">docker-compose exec storm ./bin/start_elasticsearch_topology.sh
</pre></div></div>
<p>Topologies can be stopped using the Storm CLI. For example, stop the enrichment topology with:</p>
<div>
<div>
<pre class="source">docker-compose exec storm storm kill enrichments -w 0
</pre></div></div>
</div>
<div class="section">
<h3><a name="Run_sensor_data_end_to_end"></a>Run sensor data end to end</h3>
<p>First ensure configs were uploaded as described in the previous example. Then start a sensor and leave it running:</p>
<div>
<div>
<pre class="source">$ cd $METRON_DOCKER_HOME/compose
$ docker-compose exec kafkazk ./bin/produce-data.sh /data/BroExampleOutput.txt bro
</pre></div></div>
<p>Open a separate console session and verify the sensor is running by consuming a message from Kafka:</p>
<div>
<div>
<pre class="source">$ export METRON_DOCKER_HOME=$METRON_HOME/metron-contrib/metron-docker
$ cd $METRON_DOCKER_HOME/compose
$ docker-compose exec kafkazk ./bin/kafka-console-consumer.sh --zookeeper localhost:2181 --topic bro
</pre></div></div>
<p>A new message should be printed every second. Now kill the consumer and start the Bro parser topology:</p>
<div>
<div>
<pre class="source">$ docker-compose exec storm ./bin/start_docker_parser_topology.sh bro
</pre></div></div>
<p>Bro data should be flowing through the bro parser topology and into the Kafka enrichments topic. The enrichments topic should be created automatically:</p>
<div>
<div>
<pre class="source">$ docker-compose exec kafkazk ./bin/kafka-topics.sh --zookeeper localhost:2181 --list
bro
enrichments
indexing
</pre></div></div>
<p>Verify parsed Bro data is in the Kafka enrichments topic:</p>
<div>
<div>
<pre class="source">docker-compose exec kafkazk ./bin/kafka-console-consumer.sh --zookeeper localhost:2181 --topic enrichments
</pre></div></div>
<p>Now start the enrichment topology:</p>
<div>
<div>
<pre class="source">docker-compose exec storm ./bin/start_enrichment_topology.sh
</pre></div></div>
<p>Parsed Bro data should be flowing through the enrichment topology and into the Kafka indexing topic. Verify enriched Bro data is in the Kafka indexing topic:</p>
<div>
<div>
<pre class="source">docker-compose exec kafkazk ./bin/kafka-console-consumer.sh --zookeeper localhost:2181 --topic indexing
</pre></div></div>
<p>Now start the indexing topology:</p>
<div>
<div>
<pre class="source">docker-compose exec storm ./bin/start_elasticsearch_topology.sh
</pre></div></div>
<p>Enriched Bro data should now be present in the Elasticsearch container:</p>
<div>
<div>
<pre class="source">$ docker-machine ls
NAME ACTIVE DRIVER STATE URL SWARM DOCKER ERRORS
metron-machine * virtualbox Running tcp://192.168.99.100:2376 v1.12.5
$ curl -XGET http://192.168.99.100:9200/_cat/indices?v
health status index pri rep docs.count docs.deleted store.size pri.store.size
yellow open .kibana 1 1 1 0 3.1kb 3.1kb
yellow open bro_index_2016.12.19.18 5 1 180 0 475kb 475kb
</pre></div></div></div></div>
</div>
</div>
</div>
<hr/>
<footer>
<div class="container-fluid">
<div class="row-fluid">
© 2015-2016 The Apache Software Foundation. Apache Metron, Metron, Apache, the Apache feather logo,
and the Apache Metron project logo are trademarks of The Apache Software Foundation.
</div>
</div>
</footer>
</body>
</html>