Keyboard shortcuts

Press or to navigate between chapters

Press S or / to search in the book

Press ? to show this help

Press Esc to hide this help

Managing the Containers

Ridgeback’s core functionality relies on a set of containerized services. These containers, running within Docker or a compatible container environment, provide portability, simplified deployments, and easier updates. This chapter guides you through the processes involved in managing these containers, from initial setup to routine operations, troubleshooting, and maintenance.

Installing Docker Desktop (Windows, macOS, Linux)

Docker Desktop provides a user-friendly interface and integrates seamlessly with Windows, macOS, and some Linux distributions:

  • Windows:

    1. Download Docker Desktop for Windows from https://docs.docker.com/desktop/install/windows-install/.
    2. Run the installer and follow the on-screen instructions.
    3. Enable WSL 2 backend if prompted. This is recommended for better performance and compatibility.
    4. After installation, launch Docker Desktop and ensure it’s running.

  • macOS:

    1. Download Docker Desktop for Mac from https://docs.docker.com/desktop/install/mac-install/.
    2. Drag and drop the Docker app into the Applications folder.
    3. Launch Docker Desktop and allow necessary permissions if prompted.
    4. Wait for Docker to start. The whale icon in the menu bar indicates the status.

  • Linux:
    While Docker Desktop is available for Linux, many Linux users prefer Docker Engine directly. If you opt for Docker Desktop on Linux (supported on certain distributions):

    1. Download the .deb or .rpm package as per your distro from https://docs.docker.com/desktop/install/linux-install/.
    2. Install using your package manager and follow the official instructions to start the Docker Desktop daemon.

    Docker Desktop on Linux provides a GUI, but it’s optional. Most Linux admins prefer Docker Engine directly.

Installing Docker Engine for Linux

On Linux servers (Ubuntu, Debian, CentOS, RHEL, etc.), it’s often more efficient and resource-friendly to install the Docker Engine rather than Docker Desktop.

  1. Update Repositories:

    sudo apt-get update

  2. Install Dependencies (on Debian/Ubuntu):

    sudo apt-get install ca-certificates curl gnupg lsb-release

  3. Add Docker GPG Key and Repository:

    curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
echo \
"deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] \
https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | \
sudo tee /etc/apt/sources.list.d/docker.list > /dev/null

  4. Install Docker Engine:

    sudo apt-get update
sudo apt-get install docker-ce docker-ce-cli containerd.io

  5. Verify Installation:

    sudo docker run hello-world

    For other distributions, consult the official Docker Engine installation guide and follow the equivalent steps.

Installing Proxmox Virtual Environment

Proxmox VE is a virtual environment platform that can host virtual machines and containers. To run Ridgeback’s container environment in Proxmox, you can:

  1. Install Proxmox VE following the official guide at https://www.proxmox.com/en/proxmox-virtual-environment/overview.
  2. Create a VM: Set up a virtual machine running a Linux distribution that supports Docker.
  3. Install Docker Engine inside that VM using the steps above.
  4. Deploy Ridgeback Containers as you would on a physical server.

Proxmox simplifies resource allocation and scaling, allowing you to adjust CPU, memory, and storage resources for your Ridgeback environment dynamically.

Downloading the Docker Images

Before you can run Ridgeback’s containers, you need the appropriate Docker images:

  1. Obtain License and Credentials: Make sure you have your Ridgeback license and any required credentials for accessing the Ridgeback container registry.

  2. Login to the Container Registry (if required):

    docker login <registry.example.com> -u <username> -p <password>

    Replace <registry.example.com> with the Ridgeback registry endpoint provided in your documentation or by the support team.

  3. Pull the Images: Once authenticated, pull the required images:

    docker pull <registry.example.com>/ridgeback/manager:latest
docker pull <registry.example.com>/ridgeback/server:latest
docker pull <registry.example.com>/ridgeback/policy:latest
docker pull <registry.example.com>/ridgeback/analytics:latest
docker pull <registry.example.com>/ridgeback/enrichment:latest
docker pull <registry.example.com>/ridgeback/surface:latest

    Consult the Ridgeback documentation for the exact set of service images required. The latest tag may be replaced by a specific version tag for production environments.

    With docker compose and a docker-compose.yml file, the process of pulling images can be simplified to a single command:

    docker compose pull

Creating the Service Containers

Once Docker and the images are ready, you can create service containers using either docker run commands or a docker-compose.yml file:

  1. Using Docker Compose:

    docker compose up -d

    Ensure your docker-compose.yml and .env files are properly configured. The .env file will hold variables like database credentials, license information, and email server configuration.

  2. Manually Running Containers:
    For advanced scenarios, run containers directly:

    docker run -d --name ridgeback-server -p 443:443 <registry.example.com>/ridgeback/server:latest

    Repeat for other service containers, ensuring the correct environment variables and volume mounts are set.

Note: The recommended approach is to use the docker-compose.yml file provided by Ridgeback, as it simplifies orchestrating multiple containers and ensures consistent configuration.

Starting and Stopping the Service Containers

  • Start Containers:
    If using Docker Compose:

    docker compose up -d

    If containers were previously stopped:

    docker compose start

  • Stop Containers:

    docker compose stop

    Or, to remove them from the foreground:

    docker compose down

  • Individual Container Control:

    docker stop ridgeback-server
docker start ridgeback-server

Removing Service Containers

If you need to remove containers (e.g., for a clean reinstall):

  • Stop and Remove:

    docker compose rm -sf

    This removes the containers defined in docker-compose.yml.

  • Remove Specific Containers:

    docker stop ridgeback-server
docker rm ridgeback-server

Warning: Removing containers does not remove volumes or networks by default. Review and remove them if needed:

docker volume ls
docker volume rm <volume_name>
docker network ls
docker network rm <network_name>

Reviewing Service Container Logs

Logs are essential for troubleshooting and verifying that Ridgeback services are running correctly.

  • View Logs from All Services:

    docker compose logs

  • View Logs for a Specific Service:

    docker compose logs server

  • Follow Logs in Real-Time:

    docker compose logs -f server

These logs provide insights into issues like database connection problems, license verification errors, or email alerts. Regularly reviewing logs aids proactive maintenance.

Special Issues for a Computer (like a Laptop) That Is Not Always Running

Ridgeback’s containers are generally expected to run continuously. If you install on a laptop or a system that frequently sleeps or shuts down:

  • Persistent Storage: Ensure that data volumes and the database are stored on durable storage so that temporary interruptions don’t cause data loss.
  • Startup Scripts: Create startup scripts or systemd services to automatically run docker compose up -d when the machine boots.
  • Check Time Sync: Laptops often sleep, causing time drift. Ensure NTP or system clock sync is enabled so that Ridgeback’s timestamps and license checks remain accurate.
  • Cloud-Based Database: If using a cloud-hosted database, verify that network connectivity is restored before Ridgeback services start, or they might fail to connect initially.

Updating the Server Certificate

Ridgeback’s server container likely uses TLS for secure web access. Certificates expire and may need renewal:

  1. Obtain a New Certificate and Key from a trusted CA or your internal PKI.

  2. Replace the Certificate in the keys folder in the server container (e.g., /usr/src/app/keys):

    cp new_cert.pem /usr/app/keys/cert.pem
cp new_key.pem /usr/app/keys/key.pem

  3. Update docker-compose.yml if Needed: Ensure it references the correct certificate paths.

  4. Restart the Container:

    docker compose rm -sf server
docker compose up -d server

    The service should now run with the updated certificate.